PPTP vpn not working at all

Hello all,

I tried to configure a PPTP vpn but had to find out it does not do anything at all. On the vpn server I see not a single packet from the mobiles’ IP. Sometimes even the settings app seems to crash…
Has anybody ever tried that at all?

Regards

And what VPN is it? Can’t tell or test otherwise.

You want me to hand you a test account on my personal vpn?

Oh, sorry. I didn’t realize it was a home grown thing. Thought you had a problem with a certain app or service.

No problem, All I wanted to do is to configure a PPTP vpn via settings. Since the vpn server is already actively serving 2 other vpn connections (from routers) there is little chance that it is the problem. I tried to trace the ongoing traffic with tcpdump but had to find out that there is none. So I am a bit astonished and wonder what this vpn really does, if it does anything at all …
At least it does not connect to a given server IP.

It’s probably due to the fact PPTP is considered an obsolete and insecure method of doing vpn. I’d be surprised if there are any clients that have been maintained over the last 10 years.

https://security.stackexchange.com/questions/45509/are-there-any-known-vulnerabilities-in-pptp-vpns-when-configured-properly#45510

PPTP on linux does work without any problems, be it client or server side.
Really, quite a lot people are talking about “vpn” not knowing what is the exact purpose in the discussed case. All of them are using internet and none of them ever thought about the simple fact that most of the traffic there is not encrypted anyway. Still everyone can tell that PPTP is not safe. Guess what, internet is not safe.
On the other hand most of the people hype wireguard, ignoring some simple facts about this “very safe vpn”.

1. you have no control whatsoever about the IPs connecting to your wireguard server in case of a dynamic client. Every PPP has scripts that are called during auth and ip config where you can make sure that the client is who you think he should be. Not wireguard.
2. you have no control about when a client is online. you (meaning some admin) are in no way informed about a client coming online.
3. Hot reload of the config does not work. Contrary to people on the net answering the questions regarding this topic by repeating what they read somewhere I really tried it, and it is completely instable. Meaning it works sometimes, but most times it does not.
4. The maintainers blame fdroid for slowness in making updates available and therefore include a binary update option in the app - passing by fdroid (control) completely. On the other hand the wg-tools latest release is three years old now (from September 2021).
5. The maintainers claim this to be an open source project, but the mailinglist is moderated and I have not been able to join it since october 2020.
6. Mails to security@ are ignored as well so far.

To sum up: wireguard seems to me one of the most suspicious projects going on around vpn. It has clear design problems, the project has communication problems, the tools have fixed but not released problems, the thing is a mess.
Safe vpn? Really?

PS: I know e/os contains no wireguard from scratch. But the options it does contain are complex in setup and handling and key management, even if you dont need the security coming with that on the transport path.

I don’t care what you think about wireguard. But if you think anyone is going to waste time maintaining a pptp client for android you’re on a hiding to nothing.

Also PPTP still working on Linux is a meaningless measure. Telnet still works on Linux.

I think you completely failed the point. PPTP is a valid option in e/os. So they should make sure it works. And I don’t really care what you care about. We are talking of a product option here, neither you nor me decided to put it in, still it is there. If it is available it should work. And that’s what my feedback is all about.

PPTP was removed by Google in Android 12. The fact it is still available in the menu for /e/ OS is probably a bug.

And you are aware that we are on an e/os forum? We are all here because we accept the dominance of google over our phones, data and lifes, are we not?

I think if you persue the issue with /e/ what will happen is the menu entry will be removed. Rather than them spending dev time making it work.

I would encourage you to research alternative self hosted vpn solutions.

It is probably time to go back to the basics, what is a VPN? According to this (german) wikipedia entry https://de.wikipedia.org/wiki/Virtual_Private_Network it is simply a Virtual Private Network which can be extended in features by encryption but this is no defining part of it. One can see that the english wiki is much more marketing related because it does very much argue with encryption. Still the name “VPN” does not say Encryption, does it?
It is about the same as your “argument” that linux still has telnet, completely ignoring the fact that telnet is often used for debugging unencrypted tcp streams. So only because you cannot imagine a use-case does not mean there is none. Please rethink this ignorance.
There is no danger in using a protocol widely known to have no or no good encryption. Still there is are use cases, and if it only is some ancient equipment.
Contrary to that there is high danger in protocols that are marketed to be “completely safe”, only to find out afterwards that they have never been safe, and if it only is because of implementation related backdoors. Read and understand US export regulations to get a glimpse of what is really going on.

The the fact is, PPTP isn’t working on /e/. It is unlikely to ever work on /e/ for the reasons I have given.

If you want to be able to connect to your home network you need to find an alternative. What that alternative is and the level of security it offers is entirely up to you.