Can't connect to PPTP VPN with ufw enabled on Ubuntu 14.04 with kernel 3.18

This is caused by a change for security reason in kernel 3.18 [1]. There are two ways to fix this.

First approach is adding this rule to the file /etc/ufw/before.rules before the line # drop INVALID packets ...

-A ufw-before-input -p 47 -j ACCEPT

Second approach is manually loading the nf_conntrack_pptp module. You can do this by running

sudo modprobe nf_conntrack_pptp

To load this module on every boot on Ubuntu, add it to the file /etc/modules.

For more recent versions of ufw a solution is instead:

sudo ufw allow proto gre from [PPTP gateway IP address]
sudo systemctl restart ufw

Add nf_conntrack_pptp to /etc/modules-load.d/pptp.conf

One liner

echo nf_conntrack_pptp | sudo tee /etc/modules-load.d/pptp.conf

Explanation

The accepted answer works for me, especially the 2nd suggestion--loading the nf_conntrack_pptp kernel module--as opposed to modifying my iptables firewall. My laptop firewall is otherwise unmodified. sudo ufw enable without exceptions is nice and clean. But I don't like editing /etc/modules by hand... future package upgrades may have conflicts. /etc/modules-load.d/ provides an upgrade-friendly and more easily automatable way to load the module.

See also

Is there a ".d" directory to use to load modules at boot time, opposed to /etc/modules?

Parting shot: Do not use PPTP!

• https://www.schneier.com/cryptography/pptp/faq.html
• https://en.wikipedia.org/wiki/Point-to-Point_Tunneling_Protocol
• http://www.howtogeek.com/211329/which-is-the-best-vpn-protocol-pptp-vs.-openvpn-vs.-l2tpipsec-vs.-sstp/

Try openvpn instead.