Chapter 5. How to configure VPN connections

Table of Contents
How to configure Ingate Firewall for PPTP connections
How to configure Ingate Firewall for IPSec connections
How to configure Ingate Firewall for IPSec connections from a road warrior

Here you will find HOWTOs for various VPN configurations. Thorough descriptions of the settings used can be found in the Settings part, especially in chapter 16, Virtual Private Networks.

How to configure Ingate Firewall for PPTP connections

When a VPN connection using PPTP is established, the firewall assigns a local IP address to the PPTP client, so the client appears to be located on the local network.

Follow these steps to configure the firewall for PPTP connections.

Networks and Computers

Go to the Networks and Computers page under Network and create a new network. The new network should contain IP addresses from the local network which the PPTP clients can use. Select "-" as the Interface for this network.

Also, make sure that there are networks for the computers which the PPTP clients should be allowed to access. These networks are used when rules are set up for the PPTP traffic.

PPTP

Go to the PPTP page under Virtual Private Networks to configure the PPTP server in the firewall.

First, set the PPTP server to On and select an IP address for it. This IP address is one of the firewall's own IP addresses and is the one that PPTP clients connect to, which means that it must be reachable from the Internet. It is recommended that you select one of the addresses on the outside of the firewall.

Then, select a firewall IP address which will act as a local peer for the PPTP clients. You must select an IP address on the same firewall interface and logical network as the IP addresses in the PPTP client network.

Select the network created above as the Client IP addresses. When a PPTP client connects, it will be assigned one of these IP addresses on the local network.

You can enter local DNS and WINS servers for the PPTP clients to use. This will enable the clients to use local network services.

Enter the users allowed to connect using PPTP, and their passwords. The user must enter this username and password in her PPTP client.

Rules

Go to the Rules page under Rules and Relays and create rules for the traffic between the PPTP clients and the local network. The PPTP clients are represented by the network of local PPTP IP addresses.

If the PPTP clients should initiate all traffic (i.e., they are not supposed to act as servers), you don't need a reply rule for TCP.

Save/Load Configuration

Finally, go to the Save/Load Configuration page under Administration and apply the new settings by pressing Apply configuration.
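The address constraints from the Networks and Computers and PPTP steps above (client addresses taken from the local network, local peer on the same logical network as the client network) can be checked on paper before the configuration is applied. The following Python sketch is an added example, not part of the Ingate documentation or product; the function name, the sample addresses and the check against addresses already in use are assumptions made for illustration.

```python
import ipaddress as ipa

def check_pptp_plan(lan, local_peer, pool_first, pool_last, in_use=()):
    """Return a list of problems with a planned PPTP address layout ([] = OK).

    lan         local network in CIDR form
    local_peer  firewall IP address acting as local peer for the clients
    pool_first, pool_last  limits of the PPTP client network
    in_use      addresses already taken on the LAN (assumption: the page only
                says the pool must hold addresses the clients can use)
    """
    net = ipa.ip_network(lan)
    peer = ipa.ip_address(local_peer)
    first, last = ipa.ip_address(pool_first), ipa.ip_address(pool_last)
    if first > last:
        return ["pool lower limit is above its upper limit"]

    def in_pool(addr):
        return first <= addr <= last

    problems = []
    if peer not in net:
        problems.append(f"local peer {peer} is not in local network {net}")
    if first not in net or last not in net:
        problems.append(f"pool {first}-{last} is not inside {net}, "
                        "so it is not on the local peer's logical network")
    if in_pool(net.network_address) or in_pool(net.broadcast_address):
        problems.append("pool includes the network or broadcast address")
    if in_pool(peer):
        problems.append(f"local peer {peer} lies inside the client pool")
    for addr in map(ipa.ip_address, in_use):
        if in_pool(addr):
            problems.append(f"{addr} is already in use on the LAN")
    return problems

if __name__ == "__main__":
    # Constructed sample plan (not from the Ingate documentation).
    issues = check_pptp_plan("10.47.2.0/24", "10.47.2.1",
                             "10.47.2.200", "10.47.2.220",
                             in_use=["10.47.2.10", "10.47.2.205"])
    print("\n".join(issues) or "address plan is consistent")
```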

Configuring the client

When the firewall has been configured, you also need to configure the PPTP client. This is, of course, done differently with different clients. A Windows XP computer has a built-in PPTP client which is configured under Control Panel -> Network connections.