PPTP VPN with DD-WRT and TP-Link TL-ER6120

This article describe, how to setup a VPN connection between a DD-WRT router and a TP-Link TL-ER6120 acting as the PPTP server.

  • TP-Link router
  • PPTP server
  • WAN IP : pptp.server.com
  • Local subnet: 192.168.14.0/24
  • DD-WRT router
  • PPTP client
  • Local subnet: 192.168.0.0/24

Configure PPTP Server

La configuration du router TL-ER6120 est très simple, il y a tellement peu d'options qu'il est difficile de faire une erreur. Tout d'abord, allez dans VPN > L2TP/PPTP > Pool d'adresses IP. Créez une nouvelle plage d'adresses. Notez que cette plage d'adresses ne doit pas entrer en conflit avec le sous-réseau local ou le sous-réseau distant. Par exemple : 192.168.15.100-192.168.15.110.

Allez dans VPN > L2TP/PPTP > Tunnel L2TP/PPTP et créez un nouveau tunnel comme suit :

  • Protocol: PPTP
  • Mode: Server
  • Account Name: enter a username
  • Password: enter a password, make sure to use only alphanumeric character
  • Tunnel: LAN-to-LAN
  • Encryption: Enabled
  • IP Address pool: select the previously create address pool
  • Remote Subnet: enter the remote subnet information, this will be used to create the route
  • Status: Activate

Configure PPTP Client

Go to Services > VPN, change the PPTP client settings as follow:

  • PPTP Client Options: Enable
  • Server IP or DNS name: pptp.server.com
  • Remote Subnet: 192.168.14.0
  • Remote Subnet Mask: 255.255.255.0
  • MPPE Encryption: noipdefault mppe required,stateless
  • MTU: 1450 (as default)
  • MRU: 1450 (as default)
  • NAT: Disable
  • User Name: enter the the same username
  • Password: enter the same password

The magic setting is the MPPE encryption. noipdefault let the pptp server provide an IP to the client. I figure out the mppe required,stateless by trial and error. Don't try with stateful option. The PPTP client doesn't support it.


If you try with this settings, the PPTP client will establish a connection, but will disconnect within the next minute. After investigation, I notice the PPTP client is creating a bad route to the remote IP forwarding all the trafic to the ppp0 interface. Removing this route fix it all. To automate this process, go to Administration > Commands. Enter the following text and save it as startup script.

(while [ ! -f /tmp/pptpd_client/ip-up ]; do sleep 10; done
cp /tmp/pptpd_client/ip-up /tmp/ipup.tmp
sed '/^ kelokepptpd)/a\  /sbin/route del -host $5 dev $1' < /tmp/ipup.tmp > /tmp/pptpd_client/ip-up ) &

Using Discrete Card on ThinkPad T430 With Optimus Disabled