Chapter 6. How to configure PPTP passthrough

Table of Contents
PPTP client on the inside
PPTP client on the outside

Sometimes, you might want to let PPTP traffic pass through the firewall instead of using the firewall as a PPTP endpoint. If the PPTP traffic is not NATed between the inside and the outside of the firewall, this is a simple setting. Usually, some inside networks are NATed, and the settings then become more advanced.

In this chapter, you will find settings for letting NATed PPTP traffic through, for an inside as well as an outside PPTP client.

PPTP client on the inside

Sometimes you have a few PPTP clients on the inside of the firewall, which should be allowed to access PPTP servers on the Internet. For example, you might have guests who want to access their office. The settings for this are shown here.

Networks and Computers

First, create a network for the inside computers on the Networks and Computers page under Network (see the "Guest network" in the screen shot below).

Services

Then, go to the Services page under Rules and Relays and define the service to manage the NATed PPTP traffic. Use TCP as the Protocol, Dynamic PPTP management as the Firewall type, and Server ports 1723. Give the new service a descriptive name.

Rules

Go to the Rules page and create a rule to let the PPTP traffic through from the inside to the Internet. Use the newly created service. You don't need a rule for the return traffic - the service will automatically set up rules for this.

Save/Load Configuration

Finally, go to the Save/Load Configuration page under Administration and apply the new settings by pressing Apply configuration.