News Stay informed about the latest enterprise technology news and product updates.

Point-to-Point Tunneling Protocol

This excerpt from e-book "The tips and tricks guide to securing Windows Server 2003" describes what PPTP is, what it does and issues with the first implementation.

The tips and tricks guide to securing Windows Server 2003 The following excerpt is from Chapter 7 of the free e-book "The tips and tricks guide to securing Windows Server 2003" written by Roberta Bragg and available at Click for the complete book excerpt series.

Point-to-Point Tunneling Protocol

Point-to-Point Tunneling Protocol (PPTP) is described is a standard that has primarily been implemented by Microsoft and has been available since Windows 98 and Windows NT 4.0. The first implementation came under public scrutiny and was strongly criticized for weaknesses in keying, authentication and encryption algorithms. Microsoft subsequently revised the protocol, correcting these flaws. The improvements were acknowledged by the original critics, but PPTP remains flawed in the eyes of many simply because of the early criticism.

When a PPTP session is established, an IP, AppleTalk or IPX frame is encapsulated with a GRE header and an IP header, the IP header contains the IP address of the VPN client and server. Figure 7.25 illustrates this design.

Figure 7.25: PPTP encapsulation and encryption.

The PPP frame is encrypted using keys generated by the MS-CHAP, MS-CHAP v2 or EAP-TLS authentication protocols. Only these authentication protocols can be used to provide an encrypted PPTP VPN solution. Microsoft Point-to-Point Encryption (MPPE) is the encryption algorithm used.

Click for the next excerpt in this series: Layer 2 Tunneling Protocol/IPSec.

Click for the book excerpt series or visit to obtain the complete book.

Dig Deeper on Windows administration tools

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.