Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


Watchguard XTM21 - PPTP Passthrough

Posted on 2011-10-19
Medium Priority
Last Modified: 2013-11-16
Hi all,

Watchguard XTM21 Firewall, we've confugured PPTP 1723 and GRE 47 to route through to our SBS server on and when I try to vpn into it from an xp client, I get denied according to the watchguard logs.

I have forwarded smtp 25 to the server no problem. Is there a passthrough option I need to enable for PPTP?

I can vpn into the sbs server locally without a problem.
Question by:unrealone1
LVL 32

Accepted Solution

dpk_wal earned 2000 total points
ID: 36997667
Assuming that your PPTP server is fully functional and it is WG which is preventing traffic [as evident from your post that you see denies in WG logs].

Use the predefined PPTP policy and also configure 1-1 NAT instead of using static NAT.
For 1-1 NAT you MUST have additional public IP other than the external interface IP. Please note that if you only have one additional IP and are using the additional IP for static NAT [where you can forward multiple port/protocol combination to different internal hosts], then you would need to remove static NAT and only configure 1-1 NAT [where the connection from specific IP would only go to single internal host].

From the PPTP clients connect to this additional public IP for establishing the tunnels.

Please check and update.

Thank you.

Author Closing Comment

ID: 37099308

Featured Post

Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Network traffic routing plays key role in your network, if you have single site with heavy browsing or multiple sites, replicating important application data from your Primary Default Gateway ,you have to route your other network traffic from your p…
I found an issue or “bug” in the SonicOS platform (the firmware controlling SonicWALL security appliances) that has to do with renaming Default Service Objects, which then causes a portion of the system to become uncontrollable and unstable. BACK…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Is your OST file inaccessible, Need to transfer OST file from one computer to another? Want to convert OST file to PST? If the answer to any of the above question is yes, then look no further. With the help of Stellar OST to PST Converter, you can e…
Suggested Courses
Course of the Month12 days, 4 hours left to enroll

564 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question