With dial-up remote TCP/IP access technically possible, thought soon turned to the question of how secure it was to have corporate users doing critical technical work from remote locations. This became an even more important question once more and more users started connecting to corporate sites via public Internet connections rather than through calling directly into the companys remote access servers. This paved the way for new tunneling protocols that further encapsulate TCP/IP to provide encryption and additional, stronger authentication checks.
PPTP (Point to Point Tunneling Protocol) is a Microsoft invention that supports the concept of the VPN (Virtual Private Network). To this protocol, it matters not if the connection to the Internet is a dial-up connection or a fulltime connection. Since PPTP is a variation of PPP, it is also multi-protocol capable. This means that security protocols such as MS-CHAP (Microsoft Challenge Handshake Authentication Protocol) or PAP (Password Authentication Protocol) are supported. PAP is much weaker than CHAP in security. This is because PAP sends the actual password over the wire, while CHAP uses an encryption key which changes with each connection.
To enable a VPN, the connection is first made using PPP. After a virtual circuit has been established, a second dial up network connection is made on the client side with the PPTP protocol. Here a second connection, or tunnel, is made, inside the PPP connection, which encapsulates, encrypts and compresses the PPP packets into IP datagrams.
Home - Table Of Contents - Contact Us
CertiGuide for Network+ (http://www.CertiGuide.com/netplus/) on CertiGuide.com
Version 1.0 - Version Date: November 7, 2004
Adapted with permission from a work created by Tcat Houser and Helen O’Boyle.
CertiGuide.com Version © Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.