JSI Tip 1725. How can I allow <b>PPTP</b> clients to access services on the <b>PPTP</b> server?

If any other network service is installed on a PPTP server (with IP Forwading enabled) and PPTP filtering on an interface is employed, only PPTP clients can communincate through the filtered interface, in order to protect the server from attack from the internet. If you wish PPTP clients to access non-web services provided by the server, use Regedt32 to navigate to:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RASPPTPF\Parameters

On the Edit menu, Add Value name AllowPacketsForLocalMachine, a type REG_DWORD, and set the data value to 1. This will allow PPTP clients to connect to the local computer via the internet. Internet users can see this server and access it's web services, but only PPTP clients can access other services and see past the server.

NOTE: SP3 or greater is required.

NOTE: You must shutdown and restart the server.

When should you use PPTP filtering?

On a multi-hone homed computer, on the interface over which the PPTP connection is made.

On the local LAN adapter, when PPTP is used to tunnel out to the Internet, which causes the RAS server to act like a firewall.

When you tunnel from an ISP to a multi-homed RAS server, PPTP filtering should be enabled on the Internet adapter.

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish