VPN Server

[CatBoy]

Hey, guys!

 

I'm trying to set my desktop as a VPN server since my router doesn't support being a VPN server.

I've done some things like setting up the Incoming Connections on the VPN Server, forwarding TCP 1723, unblocking the port from the firewall, allowing PPTP Pass-through, and setup the VPN connection settings on the client computer.

However, I got stuck on the Generic Routing Encapsulation. I couldn't figure it out how to open IP protocol 47. I'm using is PROLiNK H5004N ADSL router and it is what our ISP provided.

 

Thanks in advance!

[Lurick]

Can you post a screenshot of the port-forwarding section of the router?

[CatBoy]

These are the currently forwarded ports. As for the interface:
 

Spoiler

Service Type:
 Usual Service Name: (AUTH, DNS, FTP, IPSEC, POP3, PPTP, SMTP, SSH, TELNET, TFTP, WEB)
 User-defined Service Name: <textbox>

Protocol: (TCP, UDP)
WAN Settings: (Interface, Ip Address)
WAN Interface: (a0 if Interface, textbox if Ip Address)
WAN Port: <textbox>
LAN Open Port: <textbox>
LAN Ip Address: <textbox>

 

 

Edited November 28, 2020 by ridon428
removed screenshot for privacy

[brwainer]

PPTP passthrough should be all you need on the router for GRE - the point of PPTP Passthrough is to detect when a PPTP session is opened via TCP1723, and start forwarding the GRE packets to the same destination. You should just have to open that up in the Windows firewall.

[CatBoy]

I've enabled PPTP Pass-through on the VPN Server side. I've allowed TCP1723 in Windows Firewall. How do I forward GRE packets and how do I open it in Windows Firewall?

[brwainer]

23 minutes ago, ridon428 said:

I've enabled PPTP Pass-through on the VPN Server side. I've allowed TCP1723 in Windows Firewall. How do I forward GRE packets and how do I open it in Windows Firewall?

As I said, the point of PPTP Passthrough is to handle forwarding the GRE packets, so you don't have to forward them in your router. As for allowing them in the Windows Firewall, putting "windows firewall allow GRE" into your favorite search engine should give you some results.

 

EDIT: I just did some digging into PPTP passthrough, and it appears to primarily be used when the VPN client is behind the router's NAT, not a VPN server. So it is entirely possible that this router in incapable of handling GRE for a PPTP server that is connected behind the router, as you are trying to do. If allowing GRE in the Windows Firewall doesn't work, I'd recommend trying another VPN server like OpenVPN, which is not GRE dependant and only uses standard TCP/UDP communication.

[CatBoy]

I've search a lot on Google. They weren't pretty helpful. Most search results show Windows Server and I can't find much non-Server OS nor a Windows Firewall-related configurations.

Does that PPTP Pass-through had to be enabled on both client-side and server-side routers? I don't remember having it enabled on the client-side.

[brwainer]

4 minutes ago, ridon428 said:

I've search a lot on Google. They weren't pretty helpful. Most search results show Windows Server and I can't find much non-Server OS nor a Windows Firewall-related configurations.

Does that PPTP Pass-through had to be enabled on both client-side and server-side routers? I don't remember having it enabled on the client-side.

If the client is behind a router with NAT, then that router will need PPTP passthrough as well.

 

In the wizard to add a new inbound firewall rule, where I'm sure you added the TCP1723 rule, you choose "Protocol and Port" then change the Protocol from TCP (or whatever the default is) to GRE. Then complete the wizard as normal.