Community discussions

 
Sydney
just joined
Topic Author
Posts: 3
Joined: Tue Dec 13, 2011 7:24 am

PPTP server in MikroTik - couldn't connect

Tue Dec 13, 2011 8:43 am

Hello,
I have trouble with PPTP server configuration in RB750 (OS upgraded to V.5.11 right now).
Router settings:
============
interface port1 -> public connection, static IP with defined mask and def. gateway
interface ports 2-5 -> switched (port2 as master) LAN with defined DHCP server, but some devices in network have static IP. LAN is by default settings behind NAT with masquerade, there're also default settings in Firewall rules.
I use the VNC sw for remote desktop access, so the connection with VNC is to public IP with selected port (each PC in LAN has its port for public network) and there's definition of port-forwarding by dstnat to PC's IP addresses with default VNC port.
All of it works, I can connect to internet from ntb in LAN, remote desktop from internet also OK.

Now I need direct access to another devices in LAN with static IPs, so I'd like to establish a VPN tunel to connect my notebook from internet and obtain IP address from LAN DHCP server. I've enabled PPTP server and defined user in PPP Secrets. For test I set static local and remote address in PPP default profile, later it'll be changed to DHCP poll (or another IP poll range). Also ARP enabled on interface1 and proxy-arp on the others.
I made a test with notebook connected to public port (IP the same as def. gateway of router public port) with defined PPTP client in WinXP, but it couldn't connect. I think the reason could be the LAN behind NAT with masquerade, so is there any NAT rule which I could use before masquerade to make VPN connection or these couldn't work together?

Sydney

Edit 14.12.2011:
Image
There're other devices connected to switches, but I need to access for example PLC in the picture, which has LAN static IP. Now I'm connected as "Test" notebook.
Last edited by Sydney on Wed Dec 14, 2011 8:35 am, edited 1 time in total.
 
User avatar
dasiu
Trainer
Trainer
Posts: 232
Joined: Fri Jan 30, 2009 11:41 am
Location: Reading, UK
Contact:

Re: PPTP server in MikroTik - couldn't connect

Tue Dec 13, 2011 3:08 pm

You should check IP route on your PC. PPTP is a point-to-point connection, so you get a /32 address with a network address of your server. If you want to connect to other machines from the LAN (usually a /24 network), the PC needs to know the route to the addresses through PPTP interface. Try connecting with the Windows XP pptp client - and show us the "route print" from your windows console.
 
Sydney
just joined
Topic Author
Posts: 3
Joined: Tue Dec 13, 2011 7:24 am

Re: PPTP server in MikroTik - couldn't connect

Wed Dec 14, 2011 8:48 am

I've added the image of network layout for better imagination...
Now for test I'm connected directly to WAN port of the router (in which is PPTP server declared) with my notebook so there's no route to access it. The problem is that I couldn't connect the PPTP server, I'm not so far to connect devices in LAN.
(router WAN is accessible and I'm able to go through, e.g. with VNC software to any PC in LAN)

Sydney
 
User avatar
dasiu
Trainer
Trainer
Posts: 232
Joined: Fri Jan 30, 2009 11:41 am
Location: Reading, UK
Contact:

Re: PPTP server in MikroTik - couldn't connect

Wed Dec 14, 2011 1:54 pm

What does "/interface pptp-server server print" show?
And can you ping the router from your laptop?
And doesn't /ip firewall filter block anything?
Can you open TCP connection on port 1723 ("telnet router_ip_address 1723" from your computer)?
 
Sydney
just joined
Topic Author
Posts: 3
Joined: Tue Dec 13, 2011 7:24 am

Re: PPTP server in MikroTik - couldn't connect

Wed Dec 14, 2011 6:50 pm

You pointed me the right way, thanks a lot :)
Interface is normally empty, because it's created dynamically, ping OK, I could go through with VNC software, but the port for PPTP was unable to connect because of FW. I've enabled just the GRE protocol (which I found as not needed). So the solution was only to enable the TCP 1723 in FW rules.

Sydney

Who is online

Users browsing this forum: No registered users and 29 guests