I've just upgraded to 18.04, and I have a problem that my wife cannot connect to her work PPTP-based VPN through our home network (Linux box operates as router). If I bypass the linux box, the VPN connection connects fine.
I had trouble setting this up back in the day, until I found I needed load module nf_nat_pptp. After that, it worked fine until the upgrade. I've tried disabling UFW, but it still won't work.
I can't seem to get much debug information on this. (Any debug tips?) The only thread I've got on the problem is a RasSstp error in Windows with message, "A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider." Would the Linux box (as router) need to be aware of the certification authority to allow the route?! Or perhaps it's inserting its own certificate in the chain, and that isn't a trusted CA at the Windows server end?
I just don't know enough about the protocol to unwind this---any help would be greatly appreciated.
Ubuntu 18.04.1 server
PPTP PassThrough started to work after adding
and adding the module with:
This should fix the problem.
I found the issue. I had to add:
to /etc/sysctl.conf. Seems that by default the helper is off by default in newer kernel builds. (Think it's meant to be applied very selectively via the iptables. (Close as I get to iptables is UFW.) If you figure out how to do it selectively via the iptables, let me known.
This setting, or me switching to netplan from ifupdown in desperation seemed to cause an dnsmasq race issue in my system. I added the following---but time will tell if it always works around the race (might go back to ifupdown if it persists).
sudo systemctl edit dnsmasq` and add the three lines: