Page 1 of 1

PPTP Client Feature

Posted: 10 Jan 2012, 23:30
by tstsistemi
Hi Guys,
i need to use my clavister like a PPTP client in order to connect some client behind Clavister to network behind PPTP server.
I've read configuration's manual and it reports an example very similar to my purpose. I've tried this configuration, but i can only ping remote network from PPTP cliente (clavister), but not from any client behind it. Can anyone help me?

Manual says:
One usage of the PPTP client feature is shown in the scenario depicted below.
Here a number of clients are being NATed through CorePlus before being connected to a PPTP
server on the other side of the Clavister Security Gateway. If more that one of the clients is acting
Chapter 9: VPN
527
as a PPTP client which is trying to connect to the PPTP server then this will not work because of
the NATing.
The only way of achieving multiple PPTP clients being NATed like this, is for the Clavister Security
Gateway to act as a PPTP client when it connects to the PPTP server. To summarize the setup:
• A PPTP tunnel is defined between CorePlus and the server.
• A route is added to the routing table in CorePlus which specifies that traffic for the server
should be routed through the PPTP tunnel.

Re: PPTP Client Feature

Posted: 11 Jan 2012, 02:22
by danilovav
Show your network schema as picture
Does your PPTP server NATed?

Re: PPTP Client Feature

Posted: 11 Jan 2012, 05:53
by tstsistemi
yes, i've made this configuration:

Nat Lan Lannet PPTPInt PPTPInt_subnet.

if itry to ping with a client the PPTP server (is another Clavister and i cannot use IPSEC) reports in log "only_routes_set_up_by_server_iface_allowed"
Thanks

Re: PPTP Client Feature

Posted: 13 Jan 2012, 02:46
by danilovav
"NATed" means locaned behind NAT
Show your network schema as picture

Re: PPTP Client Feature

Posted: 16 Jan 2012, 17:43
by tstsistemi
Ok i've a tipical IPSEC VPN situation:

lan_place_A (192.168.15.0/24)- SG12 (VPN Client 192.168.15.254) ---------------- (INTERNET) --------------- SG12 (VPN Server 192.168.16.254) - lan_place_B (192.168.16.0/24)

In this situation with my configuration only SG12 (192.168.15.254) reach all place_B_subnet, and i cannot reach it from any host behind place_A

Thanks

Re: PPTP Client Feature

Posted: 20 Jan 2012, 00:55
by danilovav
Do you use IPsec? Or PPTP???

Regarding IPsec - Status > IPsec - can you see SA for your tunnel?
Start ping -t to remote network and check Status > Connections - can you see outbound to remote device? Inbound on remote device?

Re: PPTP Client Feature

Posted: 26 Jan 2012, 23:08
by tstsistemi
No, i don't use IPSEC, ican't. I must use PPTP.
Tunnel is ok, but my laptop placed in lan A cannot ping any host placed in lan B. Clavister (LAN's "A" gateway) pings any LAN's "B" hosts.
I don't know how to route my packets through my gateway

Re: PPTP Client Feature

Posted: 27 Jan 2012, 01:16
by danilovav
On place A (client), your PPTP client should have route to 192.168.16.0/24 network

On place B (server), your PPTP user should have "network behind" 192.168.15.0/24

Re: PPTP Client Feature

Posted: 15 Sep 2018, 22:08
by techmania
It give more function and configurational ping which is easily monitor and it is simple execute fast. we can work at local and remote servcer via LAN