Tomato pptp passthrough

Discussion in 'Tomato Firmware' started by Razor512, Oct 12, 2009.

  Razor512

    Razor512 LI Guru Member

    I created a VPN and have it running fine , I can have computers on my LAN connect to it but I cant get any computers over the internet connect to it.

    and when I search through the tomato firmware options there doesn't seem to be anything for enabling pptp passthrough.

    I am currently running tomato version 1.23, are there any versions of tomato that will allow pptp passthrough

    PS I even tried putting the machine hosting the vpn on the DMZ it still did not work.

    is there anything I can do to allow computers outside of my network to connect to the vpn?
  luckman212

    luckman212 LI Guru Member

    try putting this into your Admin -> Scripts -> Firewall section:
    note: replace "xxx" below with the ip of your pptp server

    iptables -t nat -I PREROUTING -p tcp --dport 1723 -j DNAT --to xxx:1723
    iptables -I FORWARD -p tcp -d xxx --dport 1723 -j ACCEPT
    iptables -t nat -I PREROUTING -p 47 -j DNAT --to xxx
    iptables -I FORWARD -p 47 -d xxx -j ACCEPT
  micko_escalade

    micko_escalade Network Guru Member

    I had same problem as Razor512 just in my case I'm using v1.25 and entering this solved the problem.

    My question is why is this happening in first place?
  bhlonewolf

    bhlonewolf LI Guru Member

    You can forward TCP traffic (port 1723 in this case) through the interface, but not protocol 47/ GRE packet required by PPTP.

    Awhile back I switched to OpenVPN for convenience -- some hotspots / locations might not be compatible w/ PPTP.
  micko_escalade

    micko_escalade Network Guru Member

    Excuse my ignorance but does that mean that protocol 47/ GRE packet is not supported by the router (WRT54GL in my case) or by Tomato Firmware its self ?

    I'm thinking of giving my Linksys to friend and getting ASUS WL-520gU for my self to try USB functions.
  pw44

    pw44 Networkin' Nut Member

    Not working

    i did try the pptp pass thru hint (my internal pptp host is
    iptables -t nat -I PREROUTING -p tcp --dport 1723 -j DNAT --to
    iptables -I FORWARD -p tcp -d --dport 1723 -j ACCEPT
    iptables -t nat -I PREROUTING -p 47 -j DNAT --to
    iptables -I FORWARD -p 47 -d -j ACCEPT
    but it did not work.
    I'm using tomatovpn4 1.27 (jyavenard). any hint of what could be happening?
    On my internal lan (wireless), it works.
  hevnbnd

    hevnbnd Serious Server Member

    I know this is an old thread but is this still needed with say an openvpn connection?
