PPTP Server
From Wiki of WFilter NG Firewall
Contents |
1 PPTP Server
PPTP server can provide PPTP VPN service for external users to connect.
- You can check VPN clients ip addresses and usernames in "Real-time Bandwidth".
- VPN users are not be applied by Access_Policy.
- Activity of VPN users won't be recorded by Internet Usage.
2 PPTP Settings
Description of PPTP settings:
- IP Range: the ip addresses to be assigned to VPN clients. (Must be a LAN subnet)
- MPPE: when enabled, PPTP server will require 128bit MPPE stateless encryption.
- Protocols: supported auth protocols, which shall be consistence with VPN client settings.
- Authtype:
- "Local Auth": authenticate with username and password of local accounts. Only "local users" with "VPN" priviledge have VPN access.
- "Email Auth": send credentials to a pop/imap email server for authentication.
- "Ldap Auth": send credentials to a ldap server for authentication.
- "Radius Auth": send credentials to a remote radius server for authentication.
- For "LDAP Auth" and "Email Auth", only "pap" protocol is supported.
- If you want to assign static ip and limit bandwidth to PPTP clients, you need to setup "PPPoE Property" in "Accounts" settings.
3 Online Users
You can click "online users" in PPTP to get a list of live PPTP clients, including IP address, RX & tx bandwidth... Move your mouse over the "kill" icon to terminate a session.
4 Multiple Subnets
PPTP clients can only belongs to one subnet. If your network has multiple subnets, you need to add route in client pc to access other subnets. For example, the server side has two subnets 192.168.10.x and 192.168.11.x. PPTP works in 192.168.10.x. To access another subnet, you need to execute below command in client:
route add 192.168.11.0 mask 255.255.255.0 192.168.10.1