How would one go about enabling PPTP passthrough on a BR100?

  • 1
  • Question
  • Updated 2 years ago
  • Answered
Photo of Ryan Kirkendall

Ryan Kirkendall

  • 2 Posts
  • 0 Reply Likes

Posted 4 years ago

  • 1
Photo of Andrew MacTaggart

Andrew MacTaggart, Champ

  • 483 Posts
  • 86 Reply Likes
this is a good question.

I can only share my experience from cisco asa firewall which requires a special command to inspect pptp and basically remember what the connection is doing. Similar to ftp control and data planes.

the nature of pptp can be seen here

http://blogs.technet.com/b/rrasblog/archive/2006/06/14/which-ports-to-unblock-for-vpn-traffic-to-pas...

I don't have a br100 to experiment with

but I know it is one of those difficult protocols that cause stateful firewalls issues without an intelligent way to allow return traffic using a different port.

here's the only thing I could find that might relate

https://community.aerohive.com/aerohive/topics/how_can_i_setup_port_forwarding_on_a_br200_and_how_ca...

it looks like port forwarding maybe the way to resolve it, it is one of those difficult protocols that ports may change on the return traffic. Maybe someone with more expertise on the br100 can provide some insight.

Cheers
A
Photo of Andrew Garcia

Andrew Garcia, Official Rep

  • 368 Posts
  • 120 Reply Likes
Sorry, but PPTP is not supported when passing through a BR.
Photo of DanielMadsen

DanielMadsen

  • 4 Posts
  • 0 Reply Likes
Hi Andrew, And does this concern all BR models?

Best

Daniel
Photo of Mike Kouri

Mike Kouri, Official Rep

  • 1030 Posts
  • 271 Reply Likes
Correct. We have not implemented any of the techniques to perform PPTP pass-thru, so when we see a GRE frame we assume it is destined for ourselves and consume it rather than forward it.