Passing pptp through IPFire

I’m having trouble connecting to a pptp vpn. When I connect my other networks (not protected by IPFire), I can connect to the pptp endpoint but I can’t connect to the same VPN passing through IPFire.

What am I missing?

Logs or other information that helps someone to get to the bottom of it.

IPFire has a PPTP ALG which you can disable on the firewall options page. It should not cause any problems, but it might be worth a try.

Thank you. I completely forgot about the application level gateways. The PPTP one was turned off. After flipping the switch and rebooting, it works just fine. FWIW, there are no traces in the messages log file giving any indication to look for an ALG. I would still be hunting and cursing if it had been for your help.

Suggestion: all of those firewall options were invisible. I would either add a submenu to firewall options or explicitly list those options in the firewall drop-down to make them discoverable.

Where? They are all listed on a big page. How are they invisible?

Sorry. I wasn’t clear enough.

Back in the day when I was more heavily involved in HCI work, I learned from the researchers that people use the menus to discover what they need to do. This is one of the contexts where popout submenus work better than dialog boxes with tabs.

In the firewall options menu item, the addition of a popout submenu listing major categories on that page would help user navigation. Another possible UI mechanism could be a pop-up tooltip that explains what is found under that menu item.

Does that make sense?

Yes it does. The UI of the firewall isn’t the best, but it works, which is most important.

Hi everyone,
What about this Topic with Core update 155 ?
I tried several rules that NAT GRE protocol and TCP 1723 In and Out but i canno’t find a way to make the PPTP VPN Pass throught without the ALG PPTP in Core 155.
So i had to temporarly revert to Core 154 with ALG PPTP.
Thanks for your help.

1 Like

same here. I have a site that still uses pptp and with 155 I can’t connect anymore even there is a Port 1723 and a GRE Fw rule…

Any help would be appreciated!


…yes, it’s probably time to switch to sstp. Already ordered a SSL Certificate…