cancel
Showing results for 
Search instead for 
Did you mean: 

SG580 UTM 4.0.5 PPTP VPN problems

Hi all,

I'm a relatively newbie to the UTM but have worked with similar products.

I've enabled the PPTP VPN and can successfully connect, but am unable to connect to any hosts.

Do I need to configure a packet filter or access rule of some sort?

If I check logs, all the client traffic is being routed to the UTM, but then being blocked.

Thanks

Dave

8 Replies
rcamm
Level 13
Report Inappropriate Content
Message 2 of 9

Re: SG580 UTM 4.0.5 PPTP VPN problems

Does the subnet you are trying to reach conflict with a subnet on the remote client LAN connection ?

Re: SG580 UTM 4.0.5 PPTP VPN problems

Nope, 192.x.x.x/24 range at the site site and the remote VPN site is using a 10.x.x.x/24 range.

rcamm
Level 13
Report Inappropriate Content
Message 4 of 9

Re: SG580 UTM 4.0.5 PPTP VPN problems

use

system -> diagnostics -> packet capture

to see if you packets are in fact being sent over the pptp vpn tunnel

interface will be ppp ( something )

-s 1500

default options

then load that into wireshark and see if your client packets are arriving at the UTM device

Re: SG580 UTM 4.0.5 PPTP VPN problems

I looked at the UTM's own logs and I can see the packets are arriving there, then being denied. Can't see a reference to a particular rule being applied.

rcamm
Level 13
Report Inappropriate Content
Message 6 of 9

Re: SG580 UTM 4.0.5 PPTP VPN problems

You should contact support with the capture and the other diagnostics that support will ask for.

With the right diagnostics, support will be able to determine the issue.

Just to check, the subnet you are connecting too, does it conflict with a local subnet to the connecting clients LAN connection ?

Re: SG580 UTM 4.0.5 PPTP VPN problems

No, different subnets. Tried from two separate remote sites - same problem.

Re: SG580 UTM 4.0.5 PPTP VPN problems

I was able to solve the problem. Since first testing the VPN (where it worked fine) I'd subsequently installed VMware Workstation, which added its own virtual NIC used for NAT, with a 192.168.3.1/24 address - same as the remote site is using. I disabled that and - voila, it worked. Thanks for your help, got me thinking in the right mindset.

rcamm
Level 13
Report Inappropriate Content
Message 9 of 9

Re: SG580 UTM 4.0.5 PPTP VPN problems

Yes, an inspection of the routing tables on a host can often explain 'weird' behaviour

on 2/25/10 3:47:29 PM GMT+10:00