A data-link layer protocol for wide area networks (WANs) based on the Point-to-Point Protocol (PPP) and developed by Microsoft that enables network traffic to be encapsulated and routed over an unsecured public network such as the Internet. Point-to-Point Tunneling Protocol (PPTP) allows the creation of virtual private networks (VPNs), which tunnel TCP/IP traffic through the Internet.
Remote users can securely access corporate local area network (LAN) resources using the Internet instead of having to use direct modem connections over the Public Switched Telephone Network (PSTN) or dedicated leased-line connections.
PPTP is an extension of PPP and is based on PPP negotiation, authentication, and encryption schemes. PPTP encapsulates Internet Protocol (IP), Internetwork Packet Exchange (IPX), or NetBEUI packets into PPP frames, creating a “tunnel” for secure communication across a LAN or WAN link. The PPTP tunnel is responsible for authentication and data encryption and makes it safe to transmit data over unsecured networks.
PPTP supports two types of tunneling:
No matter which type of tunneling you use, you must use a PPTP server. Corporations can set up dedicated PPTP-enabled servers on their networks using Windows NT Server.
Microsoft’s Remote Access Service (RAS) for Windows NT supports PPTP through both dedicated and dial-up Internet connections. To enable Windows NT Server to act as a PPTP server, click Network in Control Panel, click the Advanced button on the TCP/IP property sheet, and select Enable PPTP Filtering.
Because PPTP supports multiple network protocols, including IP, IPX, and NetBEUI, two computers can establish a tunnel over the Internet only if they are running the same network protocol. To troubleshoot PPTP over a TCP/IP connection, use ping to determine whether you are connected to your PPTP server. Also be sure that you have trusted credentials in the domain of the PPTP server, and be sure that you don’t have an active Winsock Proxy client that might be redirecting PPTP packets to a proxy server instead of to your VPN.