{"id":469,"date":"2016-06-21T10:55:50","date_gmt":"2016-06-21T14:55:50","guid":{"rendered":"http:\/\/www.amixa.com\/blog\/?p=469"},"modified":"2016-06-21T10:56:54","modified_gmt":"2016-06-21T14:56:54","slug":"pfsense-2-3-pptp-vpn-passthru-workaround","status":"publish","type":"post","link":"https:\/\/www.amixa.com\/blog\/2016\/06\/21\/pfsense-2-3-pptp-vpn-passthru-workaround\/","title":{"rendered":"PFSENSE 2.3 PPTP VPN passthru workaround"},"content":{"rendered":"

PFSense 2.3.x and up have removed the PPTP tab, and PPTP passthru options.\u00a0 This is because PPTP has been depreciated and it not considered 100% safe anymore.<\/p>\n

For those of you still in need of using PPTP passthru to allow Windows VPN remote users into your LAN, here is the easy workaround.<\/p>\n

    \n
  1. Firewall, NAT, Port forward.\n
      \n
    1. add port forward from WAN (presumably your outside interface name)\n
        \n
      1. TCP<\/li>\n
      2. WAN ADDRESS<\/li>\n
      3. DEST PORT RANGE=PPTP 1723<\/li>\n
      4. REDIRECT TARGET IP=the internal IP of your Windows RRAS server.<\/li>\n
      5. REDIRECT TARGET PORT=1723<\/li>\n
      6. Allow it to ADD ASSOCIATED FILTER RULE for this entry<\/li>\n
      7. SAVE<\/li>\n<\/ol>\n<\/li>\n
      8. add another rule, exactly the same as above EXCEPT for GRE.\u00a0 All the same settings, but use GRE<\/li>\n<\/ol>\n<\/li>\n
      9. Once that is complete, go look at your WAN firewall rules.\u00a0 You should have two new auto-created rules.\u00a0 One for PPTP and one for GRE.<\/li>\n
      10. \u00a0Remote users should now be able to connect just fine through PFSENSE 2.3.x into your Windows RRAS server.<\/li>\n<\/ol>\n

        Remember, using PPTP in 2016 is considered a risk, so do it at your own risk.\u00a0 Please consider moving towards a newer VPN standard with better security.<\/p>\n","protected":false},"excerpt":{"rendered":"

        PFSense 2.3.x and up have removed the PPTP tab, and PPTP passthru options.\u00a0 This is because PPTP has been depreciated and it not considered 100% safe anymore. For those of you still in need of using PPTP passthru to allow Windows VPN remote users into your LAN, here is the easy workaround. Firewall, NAT, Port forward. add port forward from<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[118,1,107,34,22],"tags":[74,73,119,121,120,122],"class_list":["post-469","post","type-post","status-publish","format-standard","hentry","category-pfsense","category-random-bits","category-windows-10","category-windows-7-tips","category-windows-server","tag-firewall","tag-pfsense","tag-pptp","tag-remote-access","tag-rras","tag-vpn"],"_links":{"self":[{"href":"https:\/\/www.amixa.com\/blog\/wp-json\/wp\/v2\/posts\/469","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.amixa.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.amixa.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.amixa.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.amixa.com\/blog\/wp-json\/wp\/v2\/comments?post=469"}],"version-history":[{"count":2,"href":"https:\/\/www.amixa.com\/blog\/wp-json\/wp\/v2\/posts\/469\/revisions"}],"predecessor-version":[{"id":471,"href":"https:\/\/www.amixa.com\/blog\/wp-json\/wp\/v2\/posts\/469\/revisions\/471"}],"wp:attachment":[{"href":"https:\/\/www.amixa.com\/blog\/wp-json\/wp\/v2\/media?parent=469"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.amixa.com\/blog\/wp-json\/wp\/v2\/categories?post=469"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.amixa.com\/blog\/wp-json\/wp\/v2\/tags?post=469"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}