Virtual Router/ Firewall/ VPN

Reply
New Contributor
Posts: 2
Registered: ‎12-08-2014

How to CFG a PPTP VPN Server to Server Connection

I have a Vyatta running Brocade vRouter 5600 3.5 R6S9.

I have a customer that wants to do Windows VPN Server to Sever Connection using PPTP (TCP Port 1723) with GRE (Protocol ID:47)

 

The customer setup is as follows, Windows Client on Local Lan using DHCP with Private IPs <Connect to Windows 7 or 10 VPN Server>

The Windows VPN Server Private IP: 10.192.25.253 is NATTED by the Vyatta vRouter to a Public IP: that then is to <Connect via PPTP> to Company Internet Located VPN Server.

 

The Problem is we never see the GRE Connection being Created, the PPTP Protocol (TCP 1723) goes thru but the GRE (Protocl ID:47) Never follows.

 

I have successfully setup PPTP VPNs using the Vyatta's vRouters where it is a Remote User coming into a Local Lan Windows VPN (PPTP) Server. But I have never setup a PPTP VPN Server to Server where it is the Local Lan Windows VPN server intiating the PPTP/GRE connection to a another Internet hosted VPN Server.

 

We can't get it to work, so any help would be greatly appreciated!

Thanks,

Rich

New Contributor
Posts: 2
Registered: ‎12-08-2014

Re: How to CFG a PPTP VPN Server to Server Connection

Does anyone know if I apply the following config if this would allow my PPTP-VPN Server (Local Lan) to Server (Internet based) PPTP-VPN to work??

 

set interfaces tunnel tun55 address '10.222.255.1/24'
set interfaces tunnel tun55 encapsulation 'gre'
set interfaces tunnel tun55 local-ip '10.192.25.253'
set interfaces tunnel tun55 remote-ip '10.192.25.253'

(x.x.x.x/32 = Customer's Internet based VPN Server)

set protocols static interface-route x.x.x.x/32 next-hop-interface 'tun55'



set service nat destination rule 100 destination address '10.222.255.0/24'
set service nat destination rule 100 inbound-interface 'tun55'
set service nat destination rule 100 source address 'x.x.x.x/32'
set service nat destination rule 100 translation address '10.192.25.253'

set service nat source rule 100 destination address 'x.x.x.x/32'
set service nat source rule 100 outbound-interface 'tun55'
set service nat source rule 100 source address '10.192.25.253'
set service nat source rule 100 translation address '10.222.255.0/24'

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.

Download FREE NVMe eBook