User Tools

Site Tools



This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
doc:howto:vpn.nat.pptp [2013/10/28 08:31]
doc:howto:vpn.nat.pptp [2015/11/24 17:08] (current)
deragon [PPTP NAT Traversal] Information has been verified. Removed text asking to do so.
Line 1: Line 1:
 +====== PPTP NAT Traversal ======
 +| For an overview over all existing Virtual private network (VPN)-related articles in the OpenWrt wiki, please visit [[doc/​howto/​vpn.overview]] |
 +By default, OpenWrt is not configured to allow through PPTP connections from LAN clients (local private network) to WAN (on the Internet) servers. ​ This page explains how to establish PPTP tunnels passing through OpenWrt'​s network address translation (NAT). Thus this is often referred to as "PPTP pass through"​.
 +===== Background =====
 +PPTP utilizes the [[wp>​Generic Routing Encapsulation|GRE (Generic Routing Encapsulation)]] protocol for its point-to-point tunnel. As a pure IP protocol GRE uses only IP addresses but no port numbers giving the router'​s NAT a tough time to track such a connection. In its base configuration OpenWrt Backfire is able to NAT a single PPTP connections but not multiple such connections concurrently. It is also unreliable when trying to establish consecutive single PPTP connections from different LAN clients in rapid succession. This limitation can be lifted (as far as I could make out so far) by installing the following package.
 +===== Required Packages =====
 +^ Packages Name ^ Size in Bytes ^ Description ​ ^
 +| kmod-ipt-nathelper-extra | 55770 | Extra Netfilter (IPv4) Conntrack and NAT helpers |
 +===== Installation =====
 +See [[doc:​techref:​opkg]] for details on how to use this tool.
 +For the current versions of OpenWRT (since Chaos Calmer 15.05), you should install:
 +<code bash>
 +opkg install kmod-nf-nathelper-extra
 +You should now be able to use multiple PPTP connections from LAN to WAN at the same time.
 +Old versions until Barrier Breaker 14.07 used '​kmod-ipt-nathelper-extra'​ instead:
 +<code bash>
 +opkg install kmod-ipt-nathelper-extra