Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[deepone]

I configured PPTP Server to connect to local lan from remote site, it's almost the same configuration as in topic http://forums.dlink.com/index.php?topic=8404.0
Connection is correctly established from Windows XP/Vista, but I can't do anything inside my LAN from remote machine.
I see in Status > User Authentication and in status > Connections this user.

I configured IP Rules in different ways, but it still won't work.

How should I configure IP Rules (example) to allow remote computer to gain access to LAN.

[Fatman]

first of all nice name.

Ia! Ia! Cthulhu fhtagn ph'nglui mglw'nafh Cthulhu R'lyeh wgah'nagl fhtagn!

Now that that is over with.

How are you trying to access these remote resources?  By DNS name, NBNS name, or IP?

What do your IP rules look like?

[deepone]

My IP Rules, tried many configurations and still nothing.
I can only connect to firewall, can't go inside LAN.

[Fatman]

Your second and third rules look like a passthrough attempt, which should not be the case if you are using the DFL as the VPN endpoint.  And even if they were they should be NAT not allow.

I would disable them.

What is your Lan2Net?
What is your IP Pool?
If these are in the same network do you have Proxy ARP enabled for the LAN2 interface on the PPTP server?

When you connect what IP do you get?
When you connect can you ping the server?
When you connect can you ping a known host?

[deepone]

I would disable them.

Disabled.

What is your Lan2Net?

10.0.0.0/16

What is your IP Pool?
If these are in the same network do you have Proxy ARP enabled for the LAN2 interface on the PPTP server?

192.168.15.2-192.168.15.20
I tried with Proxy ARP enabled and disabled.

When you connect what IP do you get?

192.168.15.2 - 192.168.15.20 same as in IPPool.

When you connect can you ping the server?

No

When you connect can you ping a known host?

No

[chechito]

Are you using the latest firmware version??

im using 2.20.03.08-8260
Sep 26 2008

i have a testing pptp working on a dfl-210

here are the ip rule set im using for pptp connections allowing them to connect to local network as well for going to internet through a pppoe connection

the first rule its to easy trouble-shooting allowing tracerouting from any net connected to the pptp vpn

[Fatman]

Since your IP pool is in a different net from your LAN you don't want proxy ARP on.

Can I see your routing table (view it through Status->Routes, not Routing->Tables->Main), I am trying to look for conflicting routes, and to see how well your PPTP route is being placed?

I know this sounds like a stupid question, but are you sure the gateway is set right on your LAN2 hosts?

[deepone]

 Routing table contents (max 100 entries)
     Flags             Network             Interface             Gateway             Local IP             Metric   
           81.x.x.x/x       wan1                     100
           192.168.120.0/24       wan2                     100
           172.17.100.0/24       dmz                     100
           192.168.1.0/24       lan1                     100
           192.168.3.0/24       lan3                     100
           10.0.0.0/16       lan2                     100
           0.0.0.0/0       wan1       81.x.x.x              100

[chechito]

Routing table contents (max 100 entries)
     Flags             Network             Interface             Gateway             Local IP             Metric   
    D        192.168.250.101       pptp-vpn-server                     0 (pptp client ip)
    D        192.168.10.0/24       pptp-vpn-server                     0 (pptp remote network)
    M        192.168.201.0/24       lan                     50
    M        172.17.100.0/24       dmz                     50
    M        192.168.200.0/24       wan                     50
    M        0.0.0.0/0       etb_pppoe                     80
    M        0.0.0.0/0       etb_pppoe_2                     80

[deepone]

When I connect remotely, in routing there is one more entry:
   D        192.168.15.2       PPTP-tunnel                     0

Software version:
2.26.00.06-12652
Sep 23 2009

I tried everything again from support faq, but it's configured like in faq.
I can't get inside lan.
I can change from lan2 to lan1, but I think it's not this problem.

[Fatman]

The devices that you are trying to reach, is the DFL-210 their gateway?

Well that routing looks right.  If you take a packet capture from the PC you are trying to ping on the LAN do you see the incoming or outgoing ICMP packets?

[deepone]

I'm trying to reach from home PC network inside my work.
When I connect from home, I see outgoing ICMP, but nothing is incoming.
I checked connection status, and only received bytes are when I connect and authorisation is granted.
Then nothing else is incoming, only outgoing.

[Fatman]

I meant on the device you are pinging over the VPN, not the device dialling the VPN.

Any interesting log entries?

[chechito]

tracert (windows) from remote connecting pc to local lan ip and tracert (windows) from local lan to the pptp ip of the connecting pc  may be usefull, always you had allowed ping outbound on ip rule set. to-from pptp vpn,and  to-from local lan.