Article

Point-to-Point Tunneling Protocol

Roberta Bragg

The following excerpt is from Chapter 7 of the free e-book "The tips and tricks guide to securing Windows Server 2003" written by Roberta Bragg and available at Realtimepublishers.com. Click for the complete book

    Requires Free Membership to View

excerpt series.


Point-to-Point Tunneling Protocol

Point-to-Point Tunneling Protocol (PPTP) is described is a standard that has primarily been implemented by Microsoft and has been available since Windows 98 and Windows NT 4.0. The first implementation came under public scrutiny and was strongly criticized for weaknesses in keying, authentication and encryption algorithms. Microsoft subsequently revised the protocol, correcting these flaws. The improvements were acknowledged by the original critics, but PPTP remains flawed in the eyes of many simply because of the early criticism.

When a PPTP session is established, an IP, AppleTalk or IPX frame is encapsulated with a GRE header and an IP header, the IP header contains the IP address of the VPN client and server. Figure 7.25 illustrates this design.


Figure 7.25: PPTP encapsulation and encryption.

The PPP frame is encrypted using keys generated by the MS-CHAP, MS-CHAP v2 or EAP-TLS authentication protocols. Only these authentication protocols can be used to provide an encrypted PPTP VPN solution. Microsoft Point-to-Point Encryption (MPPE) is the encryption algorithm used.

Click for the next excerpt in this series: Layer 2 Tunneling Protocol/IPSec.


Click for the book excerpt series or visit Realtimepublishers.com to obtain the complete book.

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: