PPTP is a data-link layer protocol for wide area networks (WANs) based on the Point-to-Point Protocol (PPP) and developed by Microsoft that enables network traffic to be encapsulated and routed over an unsecured public network such as the Internet. Point-to-Point Tunneling Protocol (PPTP) allows the creation of virtual private networks (VPNs), which tunnel TCP/IP traffic through the Internet.
GWN70xx routers support PPTP Client VPN, the created VPN can be associated to a VLAN thus all the devices connected to the router will use the VPN tunnel. Please refer to the figure below.
PPTP SERVER CONFIGURATION
Any device that supports PPTP Server VPN can be used to configure the PPTP Server or use a VPN service provider that offers PPTP server VPN. In our case, we are going to use the GWN70xx router as an example to configure the PPTP Server.
Configuring PPTP Server Parameters
In our case, these are the parameters of our PPTP Server VPN, and the most important thing to remember is the PPTP Server Address as it will be used to configure the PPTP Client.
Creating PPTP Users
After creating the PPTP server instance, you need next to create some users to allow them to connect to the PPTP server.
GWN70XX PPTP CLIENT CONFIGURATION
To configure a PPTP Client, follow the below steps:
- Go to “VPN → VPN Clients” on the GWN70xx web GUI.
- Click on button. A popup window will appear.
Refer to the below figure showing an example of configuration and the below table showing all available options with their respective description.
Enter a name for the PPTP client.
Select PPTP from the drop-down list.
Enter the IP/Domain of the remote PPTP Server.
Enable / disable the MPPE for data encryption.
By default, it’s disabled.
Enter the Username for authentication with the VPN Server.
Enter the Password for authentication with the VPN Server.
Choose the interfaces.
Note: Set forwarding rules in firewall automatically to allow traffic forwarded from VPN to the selected WAN port. If remote device is allowed to access, please set the corresponding forwarding rules in firewall.
Choose to which destination group or WAN to allow traffic from the VPN, this will generate automatically a forwarding rule under the menu Firewall → Traffic Rules → Forward.
This feature is a form of network address translation (NAT) which allows internal computers with no known address outside their network, to communicate to the outside. It allows one machine to act on behalf of other machines.
Configures the remote subnet for the VPN.
The format should be “IP/Mask” where IP could be either IPv4 or IPv6 and mask is a number between 1 and 32.
PPTP Client Configuration
Add PPTP Client VPN to Destination Network Groups
Finally, make sure to allow PPTP Client VPN on the desired network groups like VLANs.
Example: PPTP Client VPN is allowed on the Default VLAN, refer to the figure below.
- PPTP Client verification
GWN70xx router is connected to PPTP Server VPN with the Server Address 192.168.1.1.
- PPTP Server verification
PPTP VPN Server is connected with the address 192.168.1.1.