PPTP Security (Windows Embedded CE 6.0)
1/6/2010
Point-to-Point Tunneling Protocol (PPTP) is a network protocol that implements a security infrastructure for the transfer of data from a remote client to a private enterprise server.
PPTP tunnels Point-to-Point Protocol (PPP) packets through the internet. The PPP packet may or may not be encrypted.
If the data is encrypted, it is routed over a dial-up or LAN connection by a PPTP device that is a virtual private network (VPN) device. PPTP uses the VPN device to enhance the security of the data transfer between computers. It does this by using Remote Access Service (RAS) and dial-up networking to communicate over dial-up lines and public or private networks.
PPTP Best Practices
When you create a VPN, you should use one of the following authentication schemes so that PPTP connections can use PPP encryption.
- Microsoft Challenge-Handshake Authentication Protocol (Microsoft CHAP). For more information, see PPP Authentication Protocols.
- Microsoft CHAP version 2.0.
- Extensible Authentication Protocol - Transport Level Security (EAP-TLS). For more information, see EAP-TLS Support.
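The following is an added example, not part of the original documentation. It reads the Authentication-Protocol option from a PPP LCP Configure-Request and reports whether the requested scheme is one of those listed above. It assumes the input is the LCP packet starting at its Code byte, already extracted from the PPP frame; the function names are hypothetical and the sample packets are constructed.

```python
import struct

# PPP authentication protocol numbers carried in LCP option 3
PAP, CHAP, EAP = 0xC023, 0xC223, 0xC227
# CHAP algorithm byte that follows the protocol number
CHAP_ALGS = {0x05: "CHAP-MD5", 0x80: "MS-CHAP", 0x81: "MS-CHAP v2"}
# Schemes from the list above. LCP only shows "EAP"; the EAP method
# (for example EAP-TLS) is selected later and is not visible here.
ALLOWED = {"MS-CHAP", "MS-CHAP v2", "EAP"}

def lcp_auth_scheme(lcp: bytes):
    """Return the auth scheme requested in an LCP Configure-Request, else None."""
    if len(lcp) < 4:
        raise ValueError("truncated LCP header")
    code, _ident, length = struct.unpack("!BBH", lcp[:4])
    if code != 1:                      # 1 = Configure-Request
        return None
    if length < 4 or length > len(lcp):
        raise ValueError("bad LCP length field")
    opts, i = lcp[4:length], 0
    while i < len(opts):
        if i + 2 > len(opts):
            raise ValueError("truncated option header")
        otype, olen = opts[i], opts[i + 1]
        if olen < 2 or i + olen > len(opts):
            raise ValueError("bad option length")
        if otype == 3:                 # Authentication-Protocol option
            data = opts[i + 2:i + olen]
            if len(data) < 2:
                raise ValueError("auth option too short")
            proto = struct.unpack("!H", data[:2])[0]
            if proto == CHAP:
                if len(data) < 3:
                    raise ValueError("CHAP option missing algorithm")
                return CHAP_ALGS.get(data[2], "CHAP-unknown")
            return {PAP: "PAP", EAP: "EAP"}.get(proto, "unknown")
        i += olen
    return None                        # no authentication requested

def meets_best_practice(lcp: bytes) -> bool:
    return lcp_auth_scheme(lcp) in ALLOWED

# Constructed sample packets (not captured traffic)
SAMPLES = {
    "mschapv2": bytes.fromhex("0101000d 010405dc 0305c22381"),
    "pap":      bytes.fromhex("01020008 0304c023"),
    "chap_md5": bytes.fromhex("01030009 0305c22305"),
    "eap":      bytes.fromhex("01040008 0304c227"),
}
```

A result of "EAP" still requires checking the EAP method negotiated afterward, because LCP does not identify EAP-TLS specifically.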
Ports
PPTP uses TCP port 1723 for the control channel.
Registry Settings
You should be aware of the registry settings that impact security. If a value has security implications, you will find a Security Note in the registry settings documentation.
For PPTP registry information, see PPTP Registry Settings.