PPTP
Microsoft® Windows® CE .NET implements virtual private networking through the Remote Access Service (RAS) and the Point-to-Point Tunneling Protocol (PPTP). Because RAS is described in Dial-up Networking, the topics related to virtual private networking focus on PPTP.
PPTP is a network protocol that adds a security infrastructure for the transfer of data from a remote client to a private enterprise server, thus creating a virtual private network (VPN) by using TCP/IP-based data networks. PPTP supports multiple network protocols and can be used for virtual private networking over public and private networks. PPTP can be used to provide on-demand, virtual networks by using dial-up lines, local area networks (LANs), wide area networks (WANs), or the Internet and other public TCP/IP-based networks.
A VPN can be defined as an on-demand connection between two computers in different locations. It consists of the two computers, with one computer at each end of the connection, and a route, or tunnel, over a public or private network. To enhance the privacy and security of your communication, data transmitted between the two computers is encrypted by the Point-to-Point Protocol (PPP). One of the following authentication schemes is required to implement data encryption:
- Microsoft Challenge-Handshake Authentication Protocol (Microsoft CHAP)
- Microsoft CHAP version 2.0
- Extensible Authentication Protocol - Transport Level Security (EAP-TLS)
The encrypted data is routed over a dial-up or LAN connection by a PPTP device. This device is referred to as a virtual private network (VPN) device. PPTP uses the VPN device to enhance the security of the data transfer between computers. It does this by using RAS and Dial-Up Networking to communicate over dial-up lines and public or private networks.
A Windows CE–based PPTP-client device can connect to a PPTP server in two ways:
- The PPTP client can dial up to the network access server of an Internet service provider (ISP) that supports inbound PPP connections.
- The PPTP client can connect to a PPTP server by using a physical TCP/IP-enabled LAN connection.
PPTP clients that use an ISP's network access server must be configured with a modem and a VPN device to make the separate connections to the ISP and the PPTP server. The PPTP client first establishes a dial-up connection to an ISP over a modem using PPP. The client device then establishes a VPN connection using PPTP, over the modem and the ISP connection, to tunnel across the Internet to a VPN device on the PPTP server. The second connection requires the first connection because the tunnel between the VPN devices is established using the modem and PPP connection to the Internet.
The exception to this two-connection requirement is using PPTP to create a VPN between computers that are physically connected to the private enterprise network LAN. In this scenario, a PPTP client is already connected to the network and only uses Dial-Up Networking with a VPN device to create the connection to a PPTP server on the LAN.
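The following added example (not part of the original Microsoft documentation) audits client profiles against the two rules stated above: data encryption needs one of the three listed authentication schemes, and the ISP path needs a modem plus a VPN device for its two connections while the LAN path needs only the VPN device. The struct, enum and function names are hypothetical and are not Windows CE RAS API names; PAP and CHAP appear only as examples of PPP schemes outside the listed three.

```c
#include <stdio.h>
/* Hypothetical profile model; none of these names come from the Windows CE RAS API. */
enum auth_scheme { AUTH_PAP, AUTH_CHAP, AUTH_MSCHAP, AUTH_MSCHAPV2, AUTH_EAP_TLS };
enum transport   { VIA_ISP_DIALUP, VIA_LAN };
enum finding {
    F_NO_ENCRYPTION = 1 << 0, /* auth scheme is not one that allows data encryption */
    F_NO_MODEM      = 1 << 1, /* ISP path needs a modem for the first (PPP) connection */
    F_NO_VPN_DEVICE = 1 << 2  /* every path needs a VPN device for the PPTP connection */
};
struct vpn_profile {
    const char *name;
    enum transport transport;
    enum auth_scheme auth;
    int has_modem, has_vpn_device;
};

/* Encryption requires Microsoft CHAP, Microsoft CHAP version 2.0 or EAP-TLS. */
static int auth_allows_encryption(enum auth_scheme a)
{
    return a == AUTH_MSCHAP || a == AUTH_MSCHAPV2 || a == AUTH_EAP_TLS;
}

/* ISP path: PPP dial-up first, then PPTP over it (2). LAN path: PPTP only (1). */
static int connections_required(const struct vpn_profile *p)
{
    return p->transport == VIA_ISP_DIALUP ? 2 : 1;
}

/* Returns a bitmask of enum finding values; 0 means the profile is consistent. */
static unsigned audit_profile(const struct vpn_profile *p)
{
    unsigned f = 0;
    if (!auth_allows_encryption(p->auth)) f |= F_NO_ENCRYPTION;
    if (p->transport == VIA_ISP_DIALUP && !p->has_modem) f |= F_NO_MODEM;
    if (!p->has_vpn_device) f |= F_NO_VPN_DEVICE;
    return f;
}

int main(void)
{
    static const struct vpn_profile profiles[] = { /* constructed sample profiles */
        { "field-isp",  VIA_ISP_DIALUP, AUTH_MSCHAPV2, 1, 1 },
        { "legacy-isp", VIA_ISP_DIALUP, AUTH_PAP,      0, 1 },
        { "office-lan", VIA_LAN,        AUTH_EAP_TLS,  0, 1 },
    };
    for (size_t i = 0; i < sizeof profiles / sizeof profiles[0]; i++)
        printf("%-10s connections=%d findings=0x%x\n", profiles[i].name,
               connections_required(&profiles[i]), audit_profile(&profiles[i]));
    return 0;
}
```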
See Also
Windows CE Implementation of PPTP | Establishing a PPTP Connection | PPTP Registry Settings
Last updated on Friday, April 09, 2004
© 1992-2003 Microsoft Corporation. All rights reserved.