Discussion:
PPTP "not working" after update on Tuesday
Vick Khera
2011-09-01 17:31:42 UTC
Permalink
Office firewall has been running 2.0-RC2 from some time in May. PPTP
was working fine and dandy from iOS devices. Just click the vpn on
and off you went.

Yesterday I updated the firewall to the latest snapshot of RC3 (Aug 30
18:45:48). Since this time, after the PPTP connect succeeds. The
pfSense logs show full success and assignment of the IP address to the
client, yet no traffic will pass.

The only two "tools" to test on the iOS device are mail and the
browser, and neither makes a connection to the server inside the
office.

The PPTP firewall filter tab has the "allow" rule. No other changes
were made to the configuration other than running the upgrade.

If I ping back from the inside host to the assigned IP, it replies
"sendto: Host is down" *immediately*. Normally pinging a dead IP
takes a while before it responds with that.

Anyone else observing this? What else can I poke around to find
exactly where it fails?

---------------------------------------------------------------------
To unsubscribe, e-mail: support-unsubscribe-***@public.gmane.org
For additional commands, e-mail: support-help-***@public.gmane.org

Commercial support available - https://portal.pfsense.org
Chris Buechler
2011-09-01 17:34:43 UTC
Permalink
Office firewall has been running 2.0-RC2 from some time in May.  PPTP
was working fine and dandy from iOS devices.  Just click the vpn on
and off you went.
Yesterday I updated the firewall to the latest snapshot of RC3 (Aug 30
18:45:48).  Since this time, after the PPTP connect succeeds.  The
pfSense logs show full success and assignment of the IP address to the
client, yet no traffic will pass.
The only two "tools" to test on the iOS device are mail and the
browser, and neither makes a connection to the server inside the
office.
The PPTP firewall filter tab has the "allow" rule.  No other changes
were made to the configuration other than running the upgrade.
If I ping back from the inside host to the assigned IP, it replies
"sendto: Host is down" *immediately*.  Normally pinging a dead IP
takes a while before it responds with that.
That's from a kernel patch that was in one day's snapshots, it's since
been reverted. Downgrade to something from the 29th, or early on the
30th, or upgrade to the one that'll come out in the next few hours.

---------------------------------------------------------------------
To unsubscribe, e-mail: support-unsubscribe-***@public.gmane.org
For additional commands, e-mail: support-help-***@public.gmane.org

Commercial support available - https://portal.pfsense.org
Vick Khera
2011-09-01 17:38:21 UTC
Permalink
Post by Chris Buechler
That's from a kernel patch that was in one day's snapshots, it's since
been reverted. Downgrade to something from the 29th, or early on the
30th, or upgrade to the one that'll come out in the next few hours.
I'll hit up the snapshot server tomorrow early morning when nobody
else is in the office.

Funny how I picked *just* the right time to update :)

Thanks!

---------------------------------------------------------------------
To unsubscribe, e-mail: support-unsubscribe-***@public.gmane.org
For additional commands, e-mail: support-help-***@public.gmane.org

Commercial support available - https://portal.pfsense.org
Vick Khera
2011-09-02 17:23:29 UTC
Permalink
Post by Chris Buechler
That's from a kernel patch that was in one day's snapshots, it's since
been reverted. Downgrade to something from the 29th, or early on the
30th, or upgrade to the one that'll come out in the next few hours.
Just confirming for the posterity of the list that a September 1
snapshot solved this problem for me.

---------------------------------------------------------------------
To unsubscribe, e-mail: support-unsubscribe-***@public.gmane.org
For additional commands, e-mail: support-help-***@public.gmane.org

Commercial support available - https://portal.pfsense.org

Loading...