PPTP - Connections

Point-to-Point Tunneling Protocol (PPTP) is an easy-to-use but insecure VPN protocol.

Add connection - press this button to create a new, empty connection. Configure the connection before usage.

Configured connections

Name/comment - descriptive note used for easier future references.
Remote gateway - global IP address of peer to connect to, or "0.0.0.0" to allow connection from any address.
Direction:
Initiator = VPN client: this unit shall initiate VPN connection as soon as power is turned on, or manually.
Responder = VPN server: this unit shall listen and wait for remote peers to connect to it.
Initiator and responder = both: this unit tries to initiate a VPN connection to the remote peer, but also answers if that remote peer happens to initiate a connection first.

User - Login name of user that uses this connection.










PPTP - VPN connection settings

Name/comment - descriptive note used for easier future references.

Enable this connection - remove mark to temporarily disable a connection without deleting it.
Act as:
Initiator = VPN client: this unit shall initiate VPN connection as soon as power is turned on, or manually.
Responder = VPN server: this unit shall listen and wait for remote peers to connect to it.
Initiator and responder = both: this unit tries to initiate a VPN connection to the remote peer, but also answers if that remote peer happens to initiate a connection first.

PAC/PNS mode - The role of a gateway is either PAC or PNS and must be opposite to the remote peer setting:
normal (recommended) will let an initiator take the PNS role and a responder the PAC role.
inverted may be neccessary with certain types of remote gateways, try that if "normal" doesn't work.

Remote gateway IP address - global IP address of peer to connect to, or "0.0.0.0" to allow connection from any address.


Initiator settings

User name / Password - Identification used when connecting to remote peer. Not used when "Act as" is set to "Responder".
Authentication type - Protocol used for user authenticatation.
Can be none, PAP (Password Authentication Procedure), CHAP (Challenge-Handshake Authentication Protocol) or both (recommended). CHAP is more secure than PAP.
Connect automatically - Mark checkbox (default) to establish PPTP connection automatically when WAN is connected. If unmarked you must manually go to PPTP status page and click "Connect" to establish connection.


Responder settings

User name / Password - Identification remote peer must use when connecting to this unit. Not used when "Act as" is set to "Initiator".
Authentication type - Protocol used for user authenticatation.
Can be none, PAP (Password Authentication Procedure), CHAP (Challenge-Handshake Authentication Protocol) or both (recommended). CHAP is more secure than PAP.


Remote Network - IP and mask describing the network behind the peer at the other end of the VPN connection - the LAN you want to reach. Leave blank if the remote peer is a single computer (like Windows VPN client).


PPTP tunnel advanced settings

Local PPP virtual interface - The connection uses a virtual PPP (Point-to-Point Protocol) interface with the specified IP address and mask.
NOTE: The virtual interface must be on a unique subnet not used by any of the other interfaces!
Remote PPP virtual interface - The virtual interface on the remote peer. Not used when "Act as" is set to "Initiator".
Inactivity time - Disconnect if no traffic is exchanged within this time.
Keep alive time - Send keep-alive (dummy) packets to the remote peer with this interval to avoid disconnection due to inactivity.
TCP MSS (Maximum Segment Size) adjustment - Having correct MSS avoids fragmentation, and that increases performance. You are recommended to enable it, and leave the MSS value empty allowing usage of an automatic value suitable for most cases.
If TCP MSS is not enabled you may need to configure MSS manually on the hosts that use this tunnel.



NOTE! Press "Save" after your settings!

Copy - Copy current settings into a temporary clipboard memory.
Paste - Retrieve settings previously copied into the temporary clipboard memory.