Posted: Tue Jun 28, 2016 5:20 Post subject: PPTP Problems with DD-WRT
Friends,
Having problems getting basic PPTP vpn working. Figured, I would start basic and work my way up to openvpn, but for learning and practice want to start with PPTP.
So if someone can offer suggestions, I am all ears.
Router: TPLINK Archer C9
Firmware: DD-WRT v3.0-r29002 std (02/01/16)
DNS Service: DuckDNS
Cable Provider: Cox (all ports open)
LAN IP: 11.190.39.1
DHPC Server: Enabled - Start at 11.190.39.20 - only 20 clients can use DHCP
VPN Passthrough: All enabled
I have googled, read through the dd-wrt forums and still having problems with basic PPTP tunnel starting.
Attached screen shot of my settings for PPTP. My router's ip I changed to 11.190.39.1.
I have tried basic id/password in the PPTP settings. rebooted the router, tested from my work computer, phone and same results. Even port forwarded 1723 to my router's IP.
Looking at the incoming traffic, appears that the PPTP port 1723 that comes in gets to the authentication and then just drops. I checked my providers blocked ports and 1723 for PPTP is open. Verified this scanning the port as well.
Not entirely sure where to go from here.. Any assistance will be appreciated.
1) Your server IP shouldn't be the same as you router IP, put it as .2
2) You do not have DNS configured, put it as .1
3) I have broadcast support disabled
4) no need for port forwarding 1723, being done automatically as I recall _________________ Netgear R9000 main router
RAX80 as AP
Everything you listed below I completed and still
problems accessing.
Tried this from two different locations - my work pc at the office and mobile phone.
Watching the authentication process that displays and then it changes to 'Connecting to IP address through mini etc" then drops.
I decided to turn off my firewall on the router temp. and received a 800 connection error message. Different from before.
As I was reading other people's posts about PPTP and getting this to work. They either up/downgraded their firmware. I am wondering if this is the case with this firmware? Everything seems to be working fine except this basic PPTP.
for testing change the client IP to one IP address.
also, see if you can install the same firmware I have ( see below) _________________ Netgear R9000 main router
RAX80 as AP
What firmware are you using and where can I find the exact location? Please note my router is TP-LINK Archer C9. our sig shows linksys.
If I upgrade the firmware, all my settings will be lost correct? Last but not least, 30-30-30 rule correct? I can just perform the upgrade when flashing - anything else should I know.
Will keep digging around on this. I do think that there is a software bug on this. PPTP should be a straight forward process but turning out to be a nightmare.
Prior, was using OPENTOMATO and loved the build and no problems with VPN or PPTP..
Joined: 03 Jan 2010 Posts: 7568 Location: YWG, Canada
Posted: Sat Jul 02, 2016 2:13 Post subject:
server ip should be the same as ur internal router ip. like my router is 10.150.10.1, my pptp server ip is "10.150.10.1". client ips range should be within the router's ip subnet range, but OUTSIDE the dhcp range. mine is "10.150.10.251-253" & i have my dhcp range set to 10.150.10.20 ~ 10.150.10.250 so no overlaps can occur. this is always worked for years, & across various routers ive owned.
port 1723 (tcp) forwarding IS necessary, from the isp modem if its NOT in bridge mode. from the router running the pptp server, its not needed. in case ur wondering, theres no "port 47" that pptp also uses, its GRE 47, which is a PROTOCOL, & is automatically done by the firewall, its not a port. _________________ LATEST FIRMWARE(S)
BrainSlayer wrote:
we just do it since we do not like any restrictions enforced by stupid cocaine snorting managers
Settings that Blaser offered worked perfectly fine. The workstations that I was trying to setup PPTP and tunnel through other VPN clients are installed. jumped on a clean workstation w/o any vpn clients and I was able to make connection first try.
At one time, I did forward the 1723 port but truly is not needed. I also thought that my dns server (duckdns) might not be routing the traffic correctly, not the case.
I did notice IE is preferred vs. using chrome when accessing the web page gui. Chrome seems to be buggy and will give off false results or not save settings correctly.
One last thing When I enable to PPTP server and connect w/o error. A day later the PPTP server is disabled. Is there a setting that keeps the tunnel open? I do not have my router on a schedule to reboot.
very strange, never happened to me that the vpn server was disabled.
Log in to the router via ssh , go to /var/logs and check the messages file, see if you see anything strange _________________ Netgear R9000 main router
RAX80 as AP