New Member
Posts: 31
Registered: ‎03-04-2016
Kudos: 10

Re: GUIDE: How to configure Local PPTP VPN on 1.5.0 Firmware, works on iOS

Capture.PNGCapture2.PNG

New Member
Posts: 31
Registered: ‎03-04-2016
Kudos: 10

Re: GUIDE: How to configure Local PPTP VPN on 1.5.0 Firmware, works on iOS

The ip-pool is just a little part of my normal subnet on the LAN. When testing from a device on the same net, pptp connects fine. When coming from the outside, it's just random... Just upgraded to 1.8.5alpha. Then it worked for 5 minutes, and then poof - no connection.

 

New Member
Posts: 8
Registered: ‎06-02-2016
Kudos: 1

Re: GUIDE: How to configure Local PPTP VPN on 1.5.0 Firmware, works on iOS

I have a 5 port edgerouter so I have eth2-4 bound as switch0. But when I try to use switch0 and 192.168.1.0/24 I still can't see my home computers in windows explorer. Any thoughts?

New Member
Posts: 6
Registered: ‎04-13-2016

Re: GUIDE: How to configure Local PPTP VPN on 1.5.0 Firmware, works on iOS

is this allowed you access to local network? file sharing etc...

Ubiquiti Employee
Posts: 2,965
Registered: ‎10-05-2015
Kudos: 1155
Solutions: 232

Re: GUIDE: How to configure Local PPTP VPN on 1.5.0 Firmware, works on iOS

@kbtang88 Again, it might be best to start a new thread explaining what you would like to accomplish. Here is a L2TP Sever setup guide if you are looking to add a VPN for remote access this might be a good place to start.

New Member
Posts: 8
Registered: ‎06-02-2016
Kudos: 1

Re: GUIDE: How to configure Local PPTP VPN on 1.5.0 Firmware, works on iOS

Hi Jordan,

I meant to include 

 

 rule 5011 {
     description "masquerade for VPN"
     log disable
     outbound-interface eth1 ****THIS IS YOUR INTERNAL NETWORK****
     protocol all
     source {
         address x.x.x.x/x
     }
     type masquerade
 }

 

I've added that rule but I cannot see my lan computers, although I can ping them or access them through their web-gui, if they have a webserver running.

 

This is my config, any ideas?

 

Established Member
Posts: 879
Registered: ‎02-07-2015
Kudos: 179
Solutions: 37

Re: GUIDE: How to configure Local PPTP VPN on 1.5.0 Firmware, works on iOS

What version of Windows? Sounds like the link or firewall may be blocking netbios traffic. Also make sure the VPN and network connection is set as a private network and not a public network.
New Member
Posts: 8
Registered: ‎06-02-2016
Kudos: 1

Re: GUIDE: How to configure Local PPTP VPN on 1.5.0 Firmware, works on iOS

[ Edited ]

@ITguyUSA, sorry for the delay but I've been trying a few different computers to no avail. I tried with 2 windows 10 computers (1 with the firewall disabled for private networks) and 1 windows 8.1.

All of them are able to connect, and I can get a lan ip and ping my lan computers, but none of them can see any of the home computers. Interestingly though, two of the computers were able to see eachother when they were connected to the VPN, so it looks like the lan names are not being passed to the vpn.

I really don't know much about how NetBios works, but it looks like I need to make some changes in the router to allow the vpn to talk to the switch0 interface. Regular IP traffic seems to go through though, so I'm a bit stumped.

 

Edit: , when I'm connected to the vpn from work I can see the work computers on the network, not the computers on my lan.

Established Member
Posts: 879
Registered: ‎02-07-2015
Kudos: 179
Solutions: 37

Re: GUIDE: How to configure Local PPTP VPN on 1.5.0 Firmware, works on iOS

I will do some testing on my end. It sounds like the edge is blocking netbios traffic through the VPN. I never really use the browser computers part of Windows so I will have to research the ports being used for netbios and unblock them.
New Member
Posts: 8
Registered: ‎06-02-2016
Kudos: 1

Re: GUIDE: How to configure Local PPTP VPN on 1.5.0 Firmware, works on iOS

@ITguyUSA, thank you. I can access the computers via their IP so it isn't the end of the world, but it would be nice.

Could it be that it isn't possible to do this with NetBios SuperUser Link?

Established Member
Posts: 879
Registered: ‎02-07-2015
Kudos: 179
Solutions: 37

Re: GUIDE: How to configure Local PPTP VPN on 1.5.0 Firmware, works on iOS

I would also like work on a resolution to this if possible. It is possible with other routers so it should be possible with edgemax. Check out this link. We may want to start a new thread for this specific issue.

http://www.dd-wrt.com/phpBB2/viewtopic.php?p=631524

Ports used that will need to be allowed through firewall for PPTP traffic

UDP 137
UDP 138
TCP 139
TCP/UDP 445
Emerging Member
Posts: 68
Registered: ‎02-11-2015
Kudos: 10
Solutions: 2

Re: GUIDE: How to configure Local PPTP VPN on 1.5.0 Firmware, works on iOS

[ Edited ]

Thanks for the guide! I just switched from DD-WRT to the ER-X as well and had the VPN working internally (duh) but not externally. The missing firewall rules resolved the issue. This works on the v1.8.5 firmware.

New Member
Posts: 3
Registered: ‎09-28-2016

Re: GUIDE: How to configure Local PPTP VPN on 1.5.0 Firmware, works on iOS

Appreciate the instructions. I'm a newbie, and it worked great. Like you said, only took 5 minutes to setup the VPN on the Edgerouter Pro version 1.9.0

New Member
Posts: 3
Registered: ‎10-06-2016

Re: GUIDE: How to configure Local PPTP VPN on 1.5.0 Firmware, works on iOS

 


@ITguyUSA wrote:
I have set this up at dozens of offices and have only noticed it not working when there is a double NAT on the network or when trying to use the VPN while using a wifi connection that has the same lan range as the remote location. Could you post your config?

Double NAT: You probably just have to port forward the relevant traffic on the "outer" router, sending all incoming connections to the "inner" router (assuming the EdgeRouter that you just set up the VPN on, is the inner router). These port forwards will depend on the OS of the outer router, but should match the F/W rules configured here in "Step 4"

 

Using same LAN range as remote network: Yeah you can't do that. Doesn't matter if it's WiFI or hardwired, you'll have to change the IP range of one or the other LAN, otherwise the routers are going to get confused about which side of the WAN link the different items are, and route your packets in all the wrong directions.

New Member
Posts: 3
Registered: ‎10-06-2016

Re: GUIDE: How to configure Local PPTP VPN on 1.5.0 Firmware, works on iOS

[ Edited ]

One question, one observation

 

1. I don't get the Firmware numbering. I am working on a very recently purchased EdgeRouter Pro with version 1.3 - I can't believe it's so old that this post from more than a year ago refers to a version that much more recent. What gives?

 

2. The example username FRED is later quoted as Fred. In my experience (I haven't yet got this VPN working, but I have worked on other servers based on Linux-like software) user names *are* case sensitive so you have to be careful when creating users.

 

Edit: Oh, one other thing

 

3. In the guide, there's a reference to backing up the current config. The router I'm working on has no such button. That's actually a bit of a b!tch, because I think I just did something that is going to require a push-button reset... to defaults Man Sad

New Member
Posts: 8
Registered: ‎06-14-2014
Kudos: 1

Re: GUIDE: How to configure Local PPTP VPN on 1.5.0 Firmware, works on iOS

For what it's worth - I don't think iOS 10 supports PPTP anymore...  This should probably be added to the top of this thread...

Emerging Member
Posts: 68
Registered: ‎02-11-2015
Kudos: 10
Solutions: 2

Re: GUIDE: How to configure Local PPTP VPN on 1.5.0 Firmware, works on iOS


@andy123 wrote:

For what it's worth - I don't think iOS 10 supports PPTP anymore...  This should probably be added to the top of this thread...


Yeah, I had to switch to L2TP on my ER-X. 

New Member
Posts: 3
Registered: ‎10-06-2016

Re: GUIDE: How to configure Local PPTP VPN on 1.5.0 Firmware, works on iOS

Yep, pparently PPTP has been shown to be insecure. IOS now offers IKEv2, IPSec, L2TP. Not even OpenVPN, I suppose OSS would go against the grain at Apple Man Wink

 

 

New Member
Posts: 5
Registered: ‎11-15-2016
Kudos: 1

Re: GUIDE: How to configure Local PPTP VPN on 1.5.0 Firmware, works on iOS

Are you by any chance using load balancing?

If so, make sure that you have all LAN interfaces set to firewall in modify balance. I have seen erratic results when this setting is overlooked.

New Member
Posts: 5
Registered: ‎11-15-2016
Kudos: 1

Re: GUIDE: How to configure Local PPTP VPN on 1.5.0 Firmware, works on iOS

Ooops! I didn't realize there was a page two when I responded one of the last posts on page one. Man Tongue