To set up a PPTP connection you must first configure PPTP server inside Mettle SE and define PPTP users in Mettle SE.
Server Address - This is the IP address of the firewall (may be virtual/alias) in the "Server address" field. This address will be used for the server side of the Point2Point network.
Remote Address Range - This is the range of IP addresses that will be assigned to the PPTP clients when the establish a connection with Mettle SE.
Setting Up PPTP Server:
Go to Connectivity >> PPTP
- Enable PPTP server on Mettle SE.
- No. of PPTP users - Select the maximum number of PPTP users
- Server Address -- Enter server IP address PPTP client should use on their end.
- Remote Address Range -- Specify the range of IP address that PPTP server should assign hosts when they connect to the server. Please specify a private IP address range.
- Enable 128bit encryption for added security for PPTP connection.
- Save and Apply Changes.
Configuring PPTP Users:
- Select Users on the left hand side and click on Add New
- Assign an Username and Password for remote PPTP hosts. They would require an Username and Password to connect to server.
- It is possible to specify an IP address to assign to specific PPTP client. If done so the client would be assigned the same IP address whenever they log in to the server. If none is specified then server would dynamically assign an IP address to a host from Pool.
- 'Save' and 'Apply Changes'.
Adding Firewall Rules To Allow PPTP Communication:
- Go to Security >> Firewall and select PPTP
- Add a rule for this interface.
- The action should be 'Pass'.
- The interface selected should be PPTP.
- Source should be PPTP clients.
- Destination should be Single Host/Alias or a Network. (This is destination of the PPTP hosts, they can either access servers or Network depending upon the rules set.) Creating an Alias (Tools >> Aliases) and using it here will make things much easier.
- Enter a meaningful description for the rules created.
- 'Save' and 'Apply Changes' you have made.
Setting up a PPTP client in Windows XP
Start by accessing Network Connections Panel. (Or right click 'Network Places' and select Properties.)
- Click 'Create New Connection' in left hand column of the 'Network Connections' window.
- Click Next to continue.
- Select 'Connect to the Network at my Workplace' from the menu.
- Select 'Virtual Private Network Connection' from next panel.
- Name the Connection.
- Now enter IP address or Fully Qualified Domain Name (FQDN) of the PPTP Server.
- Next finish setting up and add a short cut on the Desktop.
- While launching the PPTP client for the first time you will be asked for a Username and Password. Issue the Username and Password and click connect and you will be connected to the PPTP Server.
To Allow Restricted Access to a Particular PPTP User
In case you want to provide access for a PPTP user to a specific location of your network you should follow the below steps:-
Create a new PPTP user at Connectivity >> PPTP >> Users
- Provide a static IP address to that user
- Go to Security >> Firewall >> PPTP VPN and create a rule to allowing the user, using his static IP address in the source field, to access a specific machine on your local LAN via VPN.
- Create a deny rule for that user using his IP address as the source IP address in the rule to deny access to all other computers in your LAN.