PPTP VPN: no internet access

Laurent · ‎02-08-2012

Hello, I have setup a PPTP Vpn access. I can connect with no problem but once connected I can' t access internet... What can it be? Regards.

Laurent

rwpatterson · ‎02-08-2012

I' ve never user PPTP before, but if it' s like IPSec, then you need to create a policy on the firewall to allow traffic from the PPTP tunnel through the FGT to the Internet.

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

Owain_Deagle · ‎02-09-2012

If it' s a standard Windows PPTP connection, in the advanced TCP/IP settings of the connection, uncheck the " Use default gateway of remote connection" option, and it will route your internet stuff locally.

Laurent · ‎02-09-2012

If it' s a standard Windows PPTP connection, in the advanced TCP/IP settings of the connection, uncheck the " Use default gateway of remote connection" option, and it will route your internet stuff locally.

Thanks but I need to use the internet over the VPN connection. The firewall already allows any to any ... so ... I don' t know what is wrong. I haven' t configured the FG myself so I plan to wipe, upgrade and reinstall if I can get a way to renew the subscription which seems a challenge! I submitted a ticket for that and they told me to contact a reseller. I contacted many but only one responded telling me to contact Fortigate so I am a bit stuck.... I may end replacing the FG by a linux firewall if I can' t get a way to renew the FG subscription.

Laurent

rwpatterson · ‎02-10-2012

I find it hard to believe that no one wants your money.... Try to create a policy, wanx->wanx, source is the PPTP subnet, destination all, NAT on. This should sent the PPTP traffic to the Internet through the tunnel. You may need to add a static route back to the PPTP subnet with a lower priority than your default gateway.

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

mafton · ‎02-17-2012

All config about PPTP : 1- Create user 2- Create user group like " PPTP-Group" 3- CLI commands: config vpn pptp set status enable set sip 192.168.100.10 (or any other IP range) set eip 192.168.100.100 set usrgrp PPTP-Group end 4- Create firewall address like " PPTP-Range" with address 192.168.100.[10-100] 5-Creare firewall policy Source Interface like Internal Source address " PPTP-Range" Destination Interface like WAN Destination address ALL Enable NAT Just 3 minutes , Do not replace Linux with Greate Fortigate

Norozi

laf · ‎02-19-2012

All config about PPTP : 1- Create user 2- Create user group like " PPTP-Group" 3- CLI commands: config vpn pptp set status enable set sip 192.168.100.10 (or any other IP range) set eip 192.168.100.100 set usrgrp PPTP-Group end 4- Create firewall address like " PPTP-Range" with address 192.168.100.[10-100] 5-Creare firewall policy Source Interface like Internal Source address " PPTP-Range" Destination Interface like WAN Destination address ALL Enable NAT

It' s all good except 5. You need two firewall policies: wan1-internal (no NAT) so you can access internal network wan1-wan1 (NAT) as Bob said so PPTP clients can browse Internet through Fortigate.

The most expensive and scarce resource for man is time, paradoxically, it' s infinite.

PPTP VPN: no internet access

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website