Monday, March 17, 2014

VPN PPP/GRE behind a Check Point firewall

1. In the properties of the PPTP client/PPTP network object, check the box 'Add Automatic Address Translation rules' and choose the desired NAT method ('Hide behind Gateway' or 'Hide behind IP Address').


2. Create a Security Rule to allow the PPTP service.



3. In the 'General Properties' of the Security Gateway, check the box 'IPS' to activate this blade.


4. On the IPS tab, select 'Protections' in the left pane, search for 'PPTP' in the 'Look for' field in the right pane, and open the 'Non Compliant PPTP' protection for editing.


5. Double-click the relevant IPS Profile, change the 'Main Action' from 'Inactive' to 'Detected', and click OK.



6. Install the Security policy on the Security Gateway and verify the PPTP connection.
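
One way to carry out the verification in step 6, as an added example that is not part of the original post or Check Point's tooling: the script reads `tcpdump -n` text captured on the gateway's external interface and reports which part of the PPTP session (TCP/1723 control channel or GRE data, in either direction) is missing or leaving untranslated. The addresses and the sample lines are constructed placeholders.

```python
import re

# Constructed sample in `tcpdump -n` style, as it would look on the gateway's
# external interface. All addresses are documentation placeholders.
NAT_IP = "203.0.113.10"    # assumed hide-NAT address chosen in step 1
SERVER = "198.51.100.20"   # assumed remote PPTP server
SAMPLE = """\
12:00:01.100 IP 203.0.113.10.51234 > 198.51.100.20.1723: Flags [S], seq 1, length 0
12:00:01.150 IP 198.51.100.20.1723 > 203.0.113.10.51234: Flags [S.], seq 1, ack 2, length 0
12:00:02.300 IP 203.0.113.10 > 198.51.100.20: GREv1, call 4096, seq 0, length 36: LCP, Conf-Request
12:00:02.350 IP 198.51.100.20 > 203.0.113.10: GREv1, call 512, seq 0, length 36: LCP, Conf-Request
"""

# "IP src[.port] > dst[.port]: rest" (GRE lines carry no port numbers)
LINE = re.compile(
    r"IP (\d+\.\d+\.\d+\.\d+)(?:\.(\d+))? > (\d+\.\d+\.\d+\.\d+)(?:\.(\d+))?: (.*)"
)

def check_pptp(capture, nat_ip, server):
    """Return a list of problems; an empty list means both channels pass via NAT."""
    seen = {"ctrl_out": False, "ctrl_in": False, "gre_out": False, "gre_in": False}
    leaked = set()  # sources reaching the server that are not the NAT address
    for line in capture.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        src, sport, dst, dport, rest = m.groups()
        is_gre = rest.startswith("GREv1")      # PPTP data channel (IP protocol 47)
        is_ctrl = "1723" in (sport, dport)     # PPTP control channel (TCP/1723)
        if server not in (src, dst) or not (is_gre or is_ctrl):
            continue
        outbound = dst == server
        if outbound and src != nat_ip:
            leaked.add(src)                    # address translation was not applied
        seen[("gre" if is_gre else "ctrl") + ("_out" if outbound else "_in")] = True
    problems = [name for name, ok in seen.items() if not ok]
    problems += [f"untranslated source {ip}" for ip in sorted(leaked)]
    return problems

if __name__ == "__main__":
    print(check_pptp(SAMPLE, NAT_IP, SERVER) or "control and GRE seen both ways via NAT")
```
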

Limitation:
To allow the PPTP traffic to pass, the Security Gateway must have the IPS software blade enabled on its General Properties page. The IPS software blade requires a separate license to be installed on the Security Gateway.

Checkpoint.com