Trouble connecting as PPTP client

Installing and Using OpenWrt Network and Wireless Configuration
1

My RPI4 with OPENWRT openwrt-21.02.0-bcm27xx-bcm2711-rpi-4-ext4-factory.img
installed.

I want to connect PPTP VPN as cilent with my openwrt, the PPTP server is windows server 2019 inner server. But always failed.

After installing the openwrt, I installed kmod-mppe pptpd ppp-mod-pptp kmod-nf-nathelper-extra, so that I can use the web to create PPTP client.

image
image1918×763 83.1 KB

My phone's wifi and the PPTP server are in the same lan, while phone's hotspot is for openwrt connect as WWAN. The LAN is for my PC for configuring.

openwrt can ping the PPTP server, everything seems OK. account and password are multiple checked. Use default gateway check and uncheck are both test. I even delete all firewalls. but cannot connect.

the /etc/config/firewall is below

root@OpenWrt:~# cat /etc/config/firewall

config defaults
        option input 'ACCEPT'
        option output 'ACCEPT'
        option synflood_protect '1'
        option forward 'ACCEPT'

config include
        option path '/etc/firewall.user'

root@OpenWrt:~# cat /etc/config/firewall

config defaults
        option input 'ACCEPT'
        option output 'ACCEPT'
        option synflood_protect '1'
        option forward 'ACCEPT'

config include
        option path '/etc/firewall.user'

while the /etc/config/network is below

root@OpenWrt:~# cat /etc/config/network

config interface 'loopback'
        option device 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fdcc:4b83:d255::/48'

config device
        option name 'br-lan'
        option type 'bridge'
        list ports 'eth0'

config interface 'lan'
        option device 'br-lan'
        option proto 'static'
        option ipaddr '192.168.1.1'
        option netmask '255.255.255.0'
        option ip6assign '60'

config interface 'wwan'
        option proto 'dhcp'

config interface 'vpn'
        option proto 'pptp'
        option server '10.154.51.237'
        option username 'xxx'
        option password 'xxx'
        option ipv6 '0'
        option defaultroute '0'

I am new with OpenWRT, Any help is greatly appreciated!!!!

2

Your firewall file is practically empty. What happened?

The fastest fix is to reset to defaults and then configure from there.

Meanwhile, pptp should not be used on the internet these days - it is not secure. Do you have other options for vpn protocols? Don you control the other endpoint? If so, consider wireguard.

1 Like
3

Reset the firewall config to the default state and follow the wiki:
https://openwrt.org/docs/guide-user/services/vpn/pptp/client
The wiki instruction is verified and works fine for me.

1 Like
4

may differ from your setup but other may find it and help them
if you are connecting from a windows client to a work place windows server
this is needed for it to work through an openwrt router
it used to be shown on old openwrt help pages but was replaced
as the context on the help page is an openwrt pptp server not external pptp sever

opkg install kmod-nf-nathelper-extra
echo "net.netfilter.nf_conntrack_helper = 1" >> /etc/sysctl.d/local.conf
/etc/init.d/sysctl restart
1 Like
5

Just edit the vi /etc/ppp/options.pptp
add this
refuse-eap refuse-pap

Mine looks like:
noipdefault noauth nobsdcomp nodeflate idle 0 mppe required,no40,no56,stateless refuse-eap refuse-pap maxfail 0

That is because Windows PPTP use MS-CHAP v2!!!!

I found the problem by the output of the command logread -e pppd,
it output Non-zero Async Control Character Maps are not supported!

By searching that I got these instructions:

[https://forums.fedoraforum.org/showthread.php?235788-can-t-connect-to-windows-VPN-using-pptp]
https://blog.bug-maker.com/archives/63.html

1 Like
6

I followed this but occur the problem that this post stated.

But thank you for reminding me double visiting the guide, using the troubleshooting commands and finding the solution!

1 Like
7

I just want to test... to avoid the firewall effect.

And I am in a safer big company LAN for use! I don't need to consider some security problems!

But thank you for telling me the little security of PPTP!

8

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.