Solved

PFSense VPN Clients missing gateway

Posted on 2014-04-06
7
1,610 Views
Last Modified: 2014-10-21
Hi,

For some reason some users of our PPTP VPN connection when they connect to the VPN they are assigned an IP but the gateway is listed as 0.0.0.0 and they are unable to ping or access the network but they are connected to the VPN. This appears to be happening for 4 out of 16 users.

On the machines that work, the gateway is the same as the IP address that is assigned to the VPN connection.

We have version 2.1-RELEASE (i386)  and it says that it's up to date.

Any suggestions as to why it would assign a blank gateway and how I can fix it, is there something on the client or PFSense end that needs to change?
0
Comment
Question by:TyreeSupport
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
7 Comments
 
LVL 64

Expert Comment

by:btan
ID: 39983303
maybe this can be of interest from the pfsense forum. The restart help but I also the essential of redirect gateway. E.g
- If you're on the client end, no push, just redirect-gateway def1.
- You only use the push if you're on the server side trying to force a client to do that., e.g. push redirect-gateway def1.
0
 

Author Comment

by:TyreeSupport
ID: 40066425
I'm not sure any of this is relevant as I'm not using the openvpn but also I am not pushing the gateway.

As most of the clients work, it's just a couple of them that don't I'm not sure that it's PFSense.

I have not been able to resolve this and after searching I have not found others that have this issue..
0
 
LVL 64

Expert Comment

by:btan
ID: 40067114
strange though if this have not happened in  your past old version for the PFSense. Nonetheless, I was thinking if we can force the traffic into the PPTP tunnel since the VPN is 'up' e.g. pass all traffic to the LAN network via the PPTP connection. Some sort of below

Firewall -> Rules -> PPTP VPN
Add new rule
Protocol IPv4 TCP.
Source PPTP Clients
Port *
Destination *
Gateway *
Queue none
0
 

Author Comment

by:TyreeSupport
ID: 40073918
This is a new install so I have not had this issue in the past.

My connection already had a rule like what you had suggested I think, I have attached a screenshot of the PPTP VPN rules.

Not sure if there is anything I can do?
portforwards.jpg
0
 
LVL 64

Accepted Solution

by:
btan earned 500 total points
ID: 40075255
Check this config compared to your shared rule - the protocol is wildcard as well
http://www.electricalchemy.org/pfsense/img/pptp_vpn_fw_rules_config.JPG

This link walk throught steps will help to review your PPTP VPN config - note the part on the client side it stated to Uncheck “use default gateway on remote network”
https://doc.pfsense.org/index.php/PPTP_VPN

Actually I am thinking to spend more effort to drill further may not be worthwhile .. see pfsense posting unless you accept the risk knowingly.

PPTP is no longer considered a secure VPN technology because it relies upon MS-CHAPv2 which has been compromised. If you continue to use PPTP be aware that intercepted traffic can be decrypted by a third party, so it should be considered unencrypted. We advise migrating to another VPN type such as OpenVPN or IPsec.
0

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Overview Often, we set up VPN appliances where the connected clients are on a separate subnet and the company will have alternate internet connections and do not use this particular device as the gateway for certain servers or clients. In this case…
This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Suggested Courses

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question