OPNsense Forum

Archive => 19.1 Legacy Series => Topic started by: Wuschy on June 21, 2019, 09:49:33 pm

Title: PPTP VPN (behind FW) not working - Inbound LAN blocked
Post by: Wuschy on June 21, 2019, 09:49:33 pm
Hi all,

I don't get it... I've configured the (NAT) rules for GRE and PPTP, and in the log files I can see an incoming connection, answered by my server, but then the packets are shown as incoming from LAN and get blocked by the default deny rule:

__timestamp__   Jun 21 21:23:18
ack   1472432395
action   [block]
anchorname   
datalen   0
dir   [in]
dst   178.197.227.178
dstport   18413
ecn   
id   5395
interface   em0
ipflags   DF
label   Default deny rule
length   56
offset   0
proto   6
protoname   tcp
reason   match
ridentifier   0
rulenr   8
seq   929540809
src   192.168.1.106
srcport   62369
subrulenr   
tcpflags   SA
tcpopts   
tos   0x0
ttl   127
urp   8192
version   4

By the way, this has worked before, but I had issues with my VPN server and after fixing it, the FW now gets me curious!

Please help!!

Title: Re: PPTP VPN (behind FW) not working - Inbound LAN blocked
Post by: Wuschy on June 21, 2019, 10:01:57 pm
Again "btw": it seems that the WAN IP address is recognized as a LAN address; I think that's the reason for the block (default deny rule).

Title: Re: PPTP VPN (behind FW) not working - Inbound LAN blocked
Post by: Wuschy on June 21, 2019, 10:05:51 pm
Another btw:
Once it was working, but over GRE only... and there the traffic was listed as outgoing WAN with my public IP address.....??