HELP: PPTP server on OpenWrt - cannot access the router from the VPN client

wrtbunny · April 9, 2023, 9:58pm

Hello,
I recently switched to a banana-pi bpi-r3 router.
I installed the latest snapshot image and configured PPTP server according to https://openwrt.org/docs/guide-user/services/vpn/pptp/server.

I can connect from a remote machine and after issuing the command nft insert rule inet fw4 forward iifname "ppp\*" counter accept, I can access all my local LAN IPs except the router itself:

C:\Users\User>ping 192.168.18.254

Pinging 192.168.18.254 with 32 bytes of data:
Reply from 192.168.18.254: Destination port unreachable.
Reply from 192.168.18.254: Destination port unreachable.
Reply from 192.168.18.254: Destination port unreachable.
Reply from 192.168.18.254: Destination port unreachable.

Ping statistics for 192.168.18.254:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

My /etc/config/pptpd configuration is like this:

config service 'pptpd'
        option 'enabled' '1'
        option 'localip' '192.168.18.254'
        option 'remoteip' '192.168.18.250-253'

config 'login'
        option 'username' 'user1'
        option 'password' 'pass123'

On OpenWrt v22.03.3 (although an a different hardware) it was working fine.

Please advise.

psherman · April 9, 2023, 10:12pm

Although my question will not directly lead to a solution here, is there a reason that you've chosen PPTP? This protocol is not secure and is specifically considered unsuitable for use on the modern internet. It has been deprecated and removed from many operating systems (for example support was removed from iOS and MacOS maybe 6+ years ago).

I would highly recommend another protocol such as Wireguard or even OpenVPN.

wrtbunny · April 9, 2023, 10:16pm

I know that but I need a client-less VPN solution

psherman · April 9, 2023, 10:18pm

What do you mean by this? What is the remote endpoint?

wrtbunny · April 9, 2023, 10:20pm

Using the built-in windows options for the client.
The the remote endpoint if the OpenWrt router of-course.

psherman · April 9, 2023, 10:22pm

Windows still includes PPTP? Wow!
Is it not possible to install WireGuard on your windows computer?

wrtbunny · April 9, 2023, 10:23pm

Sadly I cannot install WireGuard.

psherman · April 9, 2023, 10:26pm

That's really unfortunate. Just keep in mind that PPTP is only marginally safer than no encryption and direct exposure to the internet.

I stopped using PPTP many years ago and I don't remember any of the details of the configuration, so I cannot help you resolve issues.