Page 1 of 1
Gargoyle 1.3.8 + VPN PPTP Server
Posted: Thu Nov 25, 2010 7:47 am
by stilllearning
Hi All,
Just installed and setup Gargoyle 1.3.8, everything works ok so far, but I cannot connect to my VPN PPTP Server, I have forwarded/opened port 1723 pointing to my VPN PPTP Server but still no luck, what do I need to do to get this working.
Appriciate you help in advance.
Re: Gargoyle 1.3.8 + VPN PPTP Server
Posted: Sun Nov 28, 2010 4:18 am
by vplessky
stilllearning wrote:Hi All,
Just installed and setup Gargoyle 1.3.8, everything works ok so far, but I cannot connect to my VPN PPTP Server, I have forwarded/opened port 1723 pointing to my VPN PPTP Server but still no luck, what do I need to do to get this working.
I tested following setup.
WAN IP: Static IP
WAN GW: GW for Static IP address
Than I start PPTP (VPN) client in Windows.
And connect to this PPTP server, using Windows Client.
This works.
To enable PPTP as WAN connection in Gargoyle - most likely you need to add PPTP Client to router manually, via opkg.
Re: Gargoyle 1.3.8 + VPN PPTP Server
Posted: Sun Dec 04, 2011 7:09 pm
by stanelie
A bit late to the conversation, but since I was searching for this myself and I was able to figure it out, here is the solution that worked for me.
In order to have PPTP over NAT work for me, I needed to modify the /etc/firewall.user file by putting this in it :
Code: Select all
## PPTP: forward initiator 1723/tcp
iptables -t nat -A prerouting_wan -p tcp --dport 1723 -j DNAT --to 192.168.1.10
iptables -A forwarding_wan -p tcp --dport 1723 -d 192.168.1.10 -j ACCEPT
## PPTP: forward tunnel GRE traffic
iptables -t nat -A prerouting_wan -p gre -j DNAT --to 192.168.1.10
iptables -A forwarding_wan -p gre -d 192.168.1.10 -j ACCEPT
Obviously, you need to modify the IP address in the code to match the pptp server inside your network. I also forward the port 1723 to my pptp server using the web interface, I am unsure if this is needed or not.
I found this info here :
http://www.blackmanticore.com/51f359dfe ... 633e2e7c2b . Somehow, I didn't need to install all the specified packages for this to work.
I am running Gargoyle 1.5.0 on a TP-Link WR1043ND.
Re: Gargoyle 1.3.8 + VPN PPTP Server
Posted: Sun Dec 04, 2011 10:43 pm
by stanelie
The port redirection is not necessary, just the firewall rules in /etc/firewall.user.
I pulled 1.5.0 from my router, I had wifi troubles...
Re: Gargoyle 1.3.8 + VPN PPTP Server
Posted: Fri Dec 09, 2011 5:26 pm
by ng3700v2
I've wasted many hours trying to get my Windows 7 VPN server to be visibile from the WAN side as well...
I also found the blackmanticore article and tried numerous variations of the instructions and came up fruitless.
I believe a large part of the problem is that several kernel modules are are required to forward on the GRE protocal traffic. I can't get kmod-gre to load under any version of gargoyle.
All of the packages seem to install fine, they just won't load:
Code: Select all
opkg install kmod-ipt-conntrack kmod-ipt-conntrack-extra kmod-ipt-nat kmod-ipt-nat-extra kmod-ipt-nathelper kmod-ipt-nathelper-extra
opkg install pptp pptpd
dmesg output:
Code: Select all
nf_conntrack_proto_gre: Unknown symbol nf_ct_port_nlattr_tuple_size
nf_conntrack_proto_gre: Unknown symbol nf_ct_port_nla_policy
nf_conntrack_proto_gre: Unknown symbol nf_ct_port_tuple_to_nlattr
nf_conntrack_proto_gre: Unknown symbol nf_ct_port_nlattr_to_tuple
dmesg output:
Code: Select all
ip_gre: Unknown symbol __secpath_destroy
Please correct me if I am wrong...
Re: Gargoyle 1.3.8 + VPN PPTP Server
Posted: Sun Dec 11, 2011 8:49 am
by Ayelen