Netgate is offering COVID-19 aid for pfSense software users, learn more.
PPTP is no longer considered a secure VPN technology because it relies upon MS-CHAPv2 which has been compromised. If you continue to use PPTP be aware that intercepted traffic can be decrypted by a third party, so it should be considered unencrypted. We advise migrating to another VPN type such as OpenVPN or IPsec.
More information on this can be found at:
As the above warning states, PPTP should not be used any longer due to its completely broken encryption and lack of security, in addition to its long history of trouble as a VPN.
Troubleshooting GRE and PPTP¶
Multiple Outbound Connections to the Same External PPTP Server¶
pf does not have any capabilities of tracking more than one GRE connection per public IP per external host. That is, if the entire internal network gets NAT applied using the same public WAN IP, only one internal machine can connect to a given external GRE source. For PPTP, this means only one PC can connect to a given outside PPTP server at a time.
Use 1:1 or outbound NAT with multiple public IP’s
In System > Advanced, on the Firewall/NAT tab, check Disable Firewall Scrub.