I have setup firewall rules to permit all outgoing traffic from LAN to WAN however port 1723 still seems to be blocked. I wish to connect a LAN side PC to an external PPTP VPN server. If I fully disable the firewall (data rules disabled) then it works, but surely my rule allowing all outgoing traffic should permit the connection with the firewall on? It works for other ports.

Thanks in advance for any help, if you require more information let me know.

First, you don't need firewall rules to permit outgoing traffic. Outgoing traffic is permitted by deafutl, so you shoould only have rules to block specific outgoing traffic.

My guess is that you have the 2820's VPN server enabled, and you need to turn that off. Go to "VPN and Remote Access" -> "Remote Access Control" and un-check the 3 VPN services. Save the changes and try again.

The internal server is off, those 3 boxes are un-checked

What about your outgoing rules? Remove those, reverting to just the factory-set Call and Data filters. On re-reading your original post, I see you reported all is OK with your rules disabled. Your issue would therefore appear to a bad ruleset.

Ok, the rule that seems to be blocking OUTGOING port 1723 is the following



As you can see this should only affect incoming traffic, indeed it doesn't affect any other outgoing ports.

Mmm. Well, first, that rule (if enabled) blocks ALL incoming traffic. If enabled, it will end up killing not only your VPN but pretty much everything else. Second, Filter Set 2, Rule 1 should be the factory-set rule named "XNetBios -> DNS". I'd suggest performing a full factory reset of your 2820, and not to mess with the rules until you understand properly what you are doing.