PPTP (remote access)

Using the Point-to-Point Tunneling Protocol (PPTP), you can provide connections to your network through private tunnels over the internet. The protocol itself does not describe encryption or authentication features. However, the firewall supports several authentication options including Password Authentication Protocol (PAP), Challenge Handshake Authentication Protocol (CHAP), and Microsoft Challenge Handshake Authentication Protocol (MS-CHAPv2). The firewall supports PPTP as described in RFC 2637.

  • To allow users to access your network through PPTP, specify settings and click Apply. Then, click Add members and select users.
  • To view users who are allowed access using PPTP, click Show members.

Enable PPTP

Enable PPTP
Allow access to your network by specified users through PPTP.

General settings

Assign IP from
Range from which an IP address is leased to the client. The client uses the assigned address for the duration of the connection. This must be a private IP address range with at least a 24-bit netmask.
Note L2TP and PPTP ranges mustn't overlap with this range.
Allow leasing IP address from RADIUS server for L2TP, PPTP, and Sophos Connect client
When users are authenticated using a RADIUS server, use the IP address provided by the RADIUS server. If the RADIUS server provides no addresses, XG Firewall assigns the static address configured for the user or leases an address from the specified range.
Client information
Primary DNS server to use for connections. Optionally, you can specify a secondary DNS server and WINS servers.