Point-to-Point Tunneling Protocol

This excerpt from e-book "The tips and tricks guide to securing Windows Server 2003" describes what PPTP is, what it does and issues with the first implementation.

This Content Component encountered an error

The tips and tricks guide to securing Windows Server 2003 The following excerpt is from Chapter 7 of the free e-book "The tips and tricks guide to securing Windows Server 2003" written by Roberta Bragg and available at Realtimepublishers.com. Click for the complete book excerpt series.


Point-to-Point Tunneling Protocol

Point-to-Point Tunneling Protocol (PPTP) is described is a standard that has primarily been implemented by Microsoft and has been available since Windows 98 and Windows NT 4.0. The first implementation came under public scrutiny and was strongly criticized for weaknesses in keying, authentication and encryption algorithms. Microsoft subsequently revised the protocol, correcting these flaws. The improvements were acknowledged by the original critics, but PPTP remains flawed in the eyes of many simply because of the early criticism.

When a PPTP session is established, an IP, AppleTalk or IPX frame is encapsulated with a GRE header and an IP header, the IP header contains the IP address of the VPN client and server. Figure 7.25 illustrates this design.


Figure 7.25: PPTP encapsulation and encryption.

The PPP frame is encrypted using keys generated by the MS-CHAP, MS-CHAP v2 or EAP-TLS authentication protocols. Only these authentication protocols can be used to provide an encrypted PPTP VPN solution. Microsoft Point-to-Point Encryption (MPPE) is the encryption algorithm used.

Click for the next excerpt in this series: Layer 2 Tunneling Protocol/IPSec.


Click for the book excerpt series or visit Realtimepublishers.com to obtain the complete book.
This Content Component encountered an error

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchServerVirtualization

SearchCloudComputing

SearchExchange

SearchSQLServer

SearchWinIT

SearchEnterpriseDesktop

SearchVirtualDesktop

Close