The firewall OUT interface configures one public network IP address 220.127.116.11 to access INTERNET. Configured IP address of internal network is 192.168.22.62/25. Enable NAT for 192.168.22.0/25 on the firewall.
IP address of one laptop is 192.168.22.57/25 and it can access INTERNET normally. However, it fails to dial up VPN server of one site.
Execute "nat alg en pptp" command on EUDEMON and test VPN access. It is not problematic.
Set IP address on laptop as 18.104.22.168 and the gateway. Remove the cable on firewall OUT interface and insert the network port on laptop. It can dial VPN server of the site.
From the experiment above it is inferred that EUDEMON firewall is problematic.
It is doubted that the access policy is problematic. After the check there is no problem.
It is possible that the function of VPN dial-up access is not enabled. Check the configuration and find "undo nat alg enable pptp".
VPN dial-up requires application protocol PPTP. In terms of data configuration, NAT has denied PPTP. The network segment 192.168.22.0/25 cannot dial in VPN server of public network.
There is related configuration of application layer on NAT of EDUEMON. When the service of application layer is problematic, it is necessary to check data configuration of the part.