Windows 10 PPTP Client Won't Connect To Server

Installing and Using OpenWrt Network and Wireless Configuration
1

Good day Ladies and Gents.

I have been having an issue establishing a PPTP VPN connection.
I have a wrt1900acs for the "latest" version of OpenWRT, OpenWrt 19.07.0-rc2.
For some reason, the connection won't fully establish. Is there a rule or feature that I need to enable or install/configure?

When trying to connect to the VPN, it verifies the user account then moves on to "Trying to connect".
I tried to examine the PPTP conversation using Wireshark but to no avail.

It only gets as far as "Set-Link-Info"
after a few seconds is the following data is sent:
Call-Clear-Request
Call-Disconnect-Notify
Stop-Control-Connection-Request
Stop-Control-Connection-Reply

Any Ideas what could be causing this?

Troubleshoot steps taken so far:
Created a Port-Forward to the server's IP:8735
Created a Port-Traffic rule to allow all traffic from the host in the LAN to the WAN
Tried to add a PPTP interface however in the protocol list there was no selection for PPTP only PPP, PPPOE and so on.

2

Where is the PPtP server running? On the OpenWrt router or on another device (which firewall zone)?
Where is the client located (which firewall zone)?

3

Thanks for your reply.

Server is location in the WAN
Client is located in the LAN

4

What is the output of:
lsmod | grep conntrack

5

nf_conntrack 65536 19 nf_conntrack_netlink,nf_conntrack_ipv6,ipt_MASQUERADE,xt_state,xt_nat,xt_helper,xt_conntrack,xt_connmark,xt_connlimit,xt_connbytes,xt_REDIRECT,xt_CT,nf_nat_masquerade_ipv4,nf_conntrack_ipv4,nf_nat_ipv4,nf_nat,nf_flow_table,nf_conntrack_rtcache,act_connmark
nf_conntrack_ipv4 12288 24
nf_conntrack_ipv6 12288 10
nf_conntrack_netlink 28672 0
nf_conntrack_rtcache 12288 0
nf_defrag_ipv4 12288 1 nf_conntrack_ipv4
nf_defrag_ipv6 12288 1 nf_conntrack_ipv6
nfnetlink 12288 2 nf_conntrack_netlink
x_tables 16384 40 ipt_REJECT,ipt_MASQUERADE,xt_time,xt_tcpudp,xt_tcpmss,xt_statistic,xt_state,xt_recent,xt_nat,xt_multiport,xt_mark,xt_mac,xt_limit,xt_length,xt_hl,xt_helper,xt_ecn,xt_dscp,xt_conntrack,xt_connmark,xt_connlimit,xt_connbytes,xt_comment,xt_TCPMSS,xt_REDIRECT,xt_LOG,xt_HL,xt_FLOWOFFLOAD,xt_DSCP,xt_CT,xt_CLASSIFY,iptable_raw,iptable_mangle,iptable_filter,ipt_ECN,ip_tables,ip6table_mangle,ip6table_filter,ip6_tables,ip6t_REJECT
xt_conntrack 12288 18

6

Paste the following and it should be fine:

cat << EOF > /etc/sysctl.d/20-nf-conntrack-helper.conf
net.netfilter.nf_conntrack_helper = 1
EOF
service sysctl restart
7

Thanks for your help so far but still the same result.
any other suggestions?

8

Last idea, install these 2:
kmod-ipt-raw iptables-mod-conntrack-extra

1 Like
9

Well..... you see... I've checked those and installed them beforehand. :grinning:
The funny that I should be able to create a new interface with the protocol for said interface being PPTP.
The option for PPTP is straight-up not there at all. not even remotely.

10

If you haven't already, remove the port-forward and the rule you created in the first post.

Why would you create a PPtP interface? You said the the server is located in the WAN zone, not on the router.

1 Like
11

Removed.
The reason behind that was to see whether i could configure the router as a client based on the OpenWRT documentation. but as you already know it didn't work out.

12

Is the server working? I mean have you tested the pptp over another network, maybe even remove the OpenWrt and plug the PC directly on the modem?

13

Yeah it's working, it worked.
My wrt1900acs is edge facing so there is no double NAT. What i did to pin point the issue to the router was to use the hotspot from my phone to connect my laptop to the cellular network. No other changes were made and it worked. The VPN connected on my laptop.

What i could do is to remove my router from the edge entirely and not use my modem as a media converter.