- Forums
- Knowledge Base
- Customer Service
- Internal Article Nominations
- FortiGate
- FortiClient
- FortiAP
- FortiAnalyzer
- FortiADC
- FortiBridge
- FortiAuthenticator
- FortiCache
- FortiCarrier
- FortiCASB
- FortiConnect
- FortiConverter
- FortiCNP
- FortiDDoS
- FortiDAST
- FortiDB
- FortiDNS
- FortiDeceptor
- FortiDevSec
- FortiDirector
- FortiEDR
- FortiGate Cloud
- FortiExtender
- FortiGuard
- FortiHypervisor
- FortiInsight
- FortiIsolator
- FortiMail
- FortiMonitor
- FortiManager
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiPortal
- FortiProxy
- FortiRecorder
- FortiRecon
- FortiSandbox
- FortiScan
- FortiSASE
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiTester
- FortiToken
- FortiVoice
- FortiWAN
- FortiWeb
- Wireless Controller
- FortiWebCloud
- RMA Information and Announcements
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Community Groups
- Blogs
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
- Fortinet Community
- Forums
- Support Forum
- RE: PPTP VPN: no internet access
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
PPTP VPN: no internet access
Hello,
I have setup a PPTP Vpn access. I can connect with no problem but once connected I can' t access internet...
What can it be?
Regards.
Laurent
Laurent
6 REPLIES 6
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I' ve never user PPTP before, but if it' s like IPSec, then you need to create a policy on the firewall to allow traffic from the PPTP tunnel through the FGT to the Internet.
Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com
Bob - self proclaimed posting junkie!See my Fortigate related scripts
at: http://fortigate.camerabob.com
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
If it' s a standard Windows PPTP connection, in the advanced TCP/IP settings of the connection, uncheck the " Use default gateway of remote connection" option, and it will route your internet stuff locally.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
If it' s a standard Windows PPTP connection, in the advanced TCP/IP settings of the connection, uncheck the " Use default gateway of remote connection" option, and it will route your internet stuff locally.Thanks but I need to use the internet over the VPN connection. The firewall already allows any to any ... so ... I don' t know what is wrong. I haven' t configured the FG myself so I plan to wipe, upgrade and reinstall if I can get a way to renew the subscription which seems a challenge! I submitted a ticket for that and they told me to contact a reseller. I contacted many but only one responded telling me to contact Fortigate so I am a bit stuck.... I may end replacing the FG by a linux firewall if I can' t get a way to renew the FG subscription.
Laurent
Laurent
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I find it hard to believe that no one wants your money....
Try to create a policy, wanx->wanx, source is the PPTP subnet, destination all, NAT on. This should sent the PPTP traffic to the Internet through the tunnel. You may need to add a static route back to the PPTP subnet with a lower priority than your default gateway.
Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com
Bob - self proclaimed posting junkie!See my Fortigate related scripts
at: http://fortigate.camerabob.com
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
All config about PPTP :
1- Create user
2- Create user group like " PPTP-Group"
3- CLI commands:
config vpn pptp
set status enable
set sip 192.168.100.10 (or any other IP range)
set eip 192.168.100.100
set usrgrp PPTP-Group
end
4- Create firewall address like " PPTP-Range" with address 192.168.100.[10-100]
5-Creare firewall policy
Source Interface like Internal
Source address " PPTP-Range"
Destination Interface like WAN
Destination address ALL
Enable NAT
Just 3 minutes , Do not replace Linux with Greate Fortigate
Norozi
Norozi
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
All config about PPTP : 1- Create user 2- Create user group like " PPTP-Group" 3- CLI commands: config vpn pptp set status enable set sip 192.168.100.10 (or any other IP range) set eip 192.168.100.100 set usrgrp PPTP-Group end 4- Create firewall address like " PPTP-Range" with address 192.168.100.[10-100] 5-Creare firewall policy Source Interface like Internal Source address " PPTP-Range" Destination Interface like WAN Destination address ALL Enable NATIt' s all good except 5. You need two firewall policies: wan1-internal (no NAT) so you can access internal network wan1-wan1 (NAT) as Bob said so PPTP clients can browse Internet through Fortigate.
The most expensive and scarce resource for man is time, paradoxically, it' s infinite.
The most expensive and scarce resource for man is time, paradoxically,
it' s infinite.
Announcements
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
Related Posts
- How to perform special internet access... 86 Views
- Lost access to Internet and local... 100 Views
- Unable to route public IP into... 95 Views
- Transit vlan from Nexus to Fortigate 118 Views
- Accessing FortiProxy Explicit Proxy from Internet... 137 Views
Labels
-
FortiGate
7,157 -
FortiClient
1,412 -
5.2
801 -
5.4
639 -
FortiManager
619 -
FortiAnalyzer
456 -
6.0
416 -
FortiAP
376 -
FortiSwitch
372 -
5.6
362 -
FortiClient EMS
291 -
FortiMail
281 -
6.2
251 -
FortiAuthenticator v5.5
234 -
5.0
196 -
FortiWeb
175 -
FortiNAC
128 -
6.4
128 -
FortiGuard
115 -
IPsec
107 -
SSL-VPN
103 -
FortiGateCloud
97 -
FortiSIEM
93 -
FortiCloud Products
89 -
FortiToken
76 -
Customer Service
71 -
Wireless Controller
65 -
4.0MR3
64 -
FortiProxy
49 -
SD-WAN
48 -
FortiADC
45 -
FortiEDR
44 -
Fortivoice
44 -
FortiDNS
39 -
FortiExtender
35 -
FortiGate v5.4
35 -
FortiAuthenticator
35 -
FortiSandbox
34 -
Firewall policy
33 -
FortiSwitch v6.4
32 -
VLAN
31 -
High Availability
31 -
DNS
24 -
FortiWAN
24 -
FortiConnect
24 -
ZTNA
23 -
BGP
21 -
FortiConverter
21 -
Certificate
20 -
SAML
19 -
FortiGate v5.2
19 -
FortiPortal
18 -
LDAP
18 -
Interface
18 -
FortiSwitch v6.2
17 -
Routing
17 -
VDOM
17 -
FortiMonitor
15 -
Authentication
15 -
FortiGate v5.0
14 -
FortiLink
14 -
Fortigate Cloud
14 -
FortiDDoS
14 -
Logging
14 -
NAT
13 -
RADIUS
12 -
FortiCASB
12 -
Application control
11 -
Web profile
11 -
Traffic shaping
10 -
Virtual IP
10 -
SSO
10 -
SSL SSH inspection
10 -
FortiRecorder
10 -
SSID
9 -
FortiWeb v5.0
9 -
FortiManager v5.0
9 -
WAN optimization
9 -
4.0MR2
9 -
IP address management - IPAM
8 -
FortiBridge
8 -
FortiGate v4.0 MR3
8 -
OSPF
8 -
RMA Information and Announcements
7 -
FortiSOAR
7 -
FortiAnalyzer v5.0
7 -
FortiAP profile
7 -
SNMP
7 -
4.0
7 -
Admin
7 -
Web application firewall profile
7 -
Static route
6 -
Security profile
6 -
Proxy policy
6 -
Traffic shaping policy
6 -
Automation
6 -
IPS signature
5 -
Packet capture
5 -
DNS Filter
5 -
FortiCache
5 -
FortiManager v4.0
5 -
trunk
5 -
FortiDeceptor
4 -
FortiDirector
4 -
Web rating
4 -
Intrusion prevention
4 -
Port policy
4 -
Antivirus profile
4 -
FortiPAM
4 -
FortiCarrier
4 -
FortiTester
4 -
3.6
4 -
DLP sensor
4 -
FortiScan
4 -
Fabric connector
3 -
NAC policy
3 -
Multicast routing
3 -
System settings
3 -
FortiToken Cloud
3 -
Traffic shaping profile
3 -
Fortinet Engage Partner Program
3 -
DLP Dictionary
3 -
DLP profile
3 -
FortiDB
3 -
DoS policy
3 -
Email filter profile
3 -
FortiInsight
2 -
Netflow
2 -
Users
2 -
Protocol option
2 -
FortiAI
2 -
Application signature
2 -
FortiHypervisor
2 -
VoIP profile
2 -
Internet Service Database
2 -
Explicit proxy
2 -
4.0MR1
1 -
Multicast policy
1 -
Zone
1 -
FortiCWP
1 -
Kerberos
1 -
Subscription Renewal Policy
1 -
FortiNDR
1 -
TACACS
1 -
Replacement messages
1 -
Schedule
1 -
SDN connector
1 -
FortiManager-VM
1 -
Authentication rule and scheme
1 -
Service
1
Top Kudoed Authors
| User | Count |
|---|---|
| 1062 | |
| 889 | |
| 527 | |
| 441 | |
| 152 |
Broad. Integrated. Automated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Security Research
Company
News & Articles
Copyright 2024 Fortinet, Inc. All Rights Reserved.