We help IT Professionals succeed at work.

We've partnered with Certified Experts, Carl Webster and Richard Faulkner, to bring you a podcast all about Citrix Workspace, moving to the cloud, and analytics & intelligence. Episode 2 coming soon!Listen Now


PPTP VPN Router Config

Medium Priority
Last Modified: 2012-05-06
Okay. This is going to sound funny.
I have installed a vpn router for a client at their remote office.  I have PPTP VPN setup and working fine.
Problem is:  Client devices do not have a gateway setup.  They do have IP address and subnet mask, but no default gateway.
They are unable to access these devices through the VPN. But, when they are in the building and wired in, they can access the devices.
I've tried to explain to them, that tney MUST set a default gateway on these devices.
But, they are relunctant.
So, my question is:  Is it possible to route these devices to my PPTP VPN without the devices having a gateway address?
Watch Question


This is a manufacturer environment.  They have various vendors and systems (alarm control unit, boiler monitors, chiller flow control, HVAC sensors, etc, etc).

The vendors are given PPTP VPN access to the network to access their devices to manage them and help when troubleshooting issues as they arise.

They devices are setup with a IP address, but no gateway. I don't understand why the vendors have recommended not setting gateways, but they is why the client is relunctant to setting gateways.

Each Vendor has a username / password to the PPTP VPN.  The PPTP VPN assigns these users a static IP address on a non-existent network.  I have setup source route statements that allows each user/static ip to access only their partiucluar equipment.
Network 10.10.132.x / 24
PPTP VPN User (vendor 1):
Source route:
destination: gateway

I am able to ping actual computers with gateways successfully, but the devices without gateways are not responding to pings.

This is a more difficult router config, than I do on daily basis.  And, I never try to setup a situation why no default gateways are allowed. So, I'm in uncharted waters personally.

I'm looking for advice, suggestions.

This is a SnapGear VPN Router. Linux based router.
I can program it to do anything that a Cisco Router can do. I just need suggestions.

Is it possible to do this without default gateways setup on the devices.
(by the way, i've used this type of config at medical offices / medical devices. But, they allowed default gateways in their devices, so everything just worked.)


Also, I have the router lan ip(s):,
Solution Architect
I am afraid your only option is to NAT The traffic.

if the internal device with no gateway sees some traffic coming from its own network, it will answer correctly.

since there is no gateway, you simply CANNOT be in a different subnet.

so if you nat the VPN subnet over a unique ip in the devices network, all traffic will be seen and answered as local.

I use to do this with pptp vpn over linux. I do not know if your SnapGear can do that (masquerade the internal network) you should try, or put a linux box to do the nat function.

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts


I can source NAT the traffic.  That should work.  Of course, it's NAT, so the initiated traffic is one-way.  Traffic initiated from th VPN will NAT and return. But, traffic initiated from the other side will be dropped by the router, unless I port forward the traffic.

I could give each user a static IP on both networks, and port forward the other side, so the communication is a true two-way.

Does anyone know, if that sounds right?
Gabriel OrozcoSolution Architect

I think if the users are in the vpn, it is because they will not be always there. with one-way nat should be enough unless you have something in mind, in such case I would fully support the two-way nat for certain users ;-)
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.


Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.