Point-to-Point Tunneling Protocol

Microsoft Windows CE version 3.0 supports the Point-to-Point Tunneling Protocol (PPTP). PPTP is a network protocol that enables the transfer of data with an additional level of security, from a remote client to a private enterprise server, thus creating a virtual private network (VPN) by using TCP/IP-based data networks. PPTP supports multiple network protocols and can be used for virtual private networking over public and private networks. PPTP can be used to provide on-demand, virtual networks with enhanced security, by using dial-up lines, local area networks (LANs), wide area networks (WANs), or the Internet and other public TCP/IP-based networks.

A virtual private network can be defined as an on-demand connection between two computers in different locations. It consists of the two computers (one at each end of the connection) and a route, or tunnel, over a public or private network. To help enhance the privacy and security of the communication, data transmitted between the two computers is encrypted by the Point-to-Point Protocol (PPP). To implement data encryption, one of two authentication schemes, MS-CHAP or MS-CHAPv2, is required; Windows CE 3.0 supports both.
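The requirement above can be checked on a captured PPP negotiation. The following is an added example, not Microsoft code: it parses an LCP Configure-Request and reports whether the requested authentication scheme is one of the two that permit encryption. The function names and sample packets are constructed for illustration, and the option codes come from the PPP RFCs rather than from this page.

```python
import struct

# Values from the PPP RFCs (1661, 1994, 2433, 2759), not from this page.
LCP_CONFIGURE_REQUEST = 1
OPT_AUTH_PROTOCOL = 3
PPP_PAP, PPP_CHAP = 0xC023, 0xC223
CHAP_ALGORITHMS = {0x05: "CHAP-MD5", 0x80: "MS-CHAP", 0x81: "MS-CHAPv2"}
# Per the page, only these two schemes allow PPP data encryption.
ENCRYPTION_CAPABLE = {"MS-CHAP", "MS-CHAPv2"}


def parse_auth_option(lcp: bytes) -> str:
    """Name the authentication scheme requested in an LCP Configure-Request."""
    if len(lcp) < 4:
        raise ValueError("truncated LCP header")
    code, _ident, length = struct.unpack("!BBH", lcp[:4])
    if code != LCP_CONFIGURE_REQUEST:
        raise ValueError("not a Configure-Request")
    if length < 4 or length > len(lcp):
        raise ValueError("LCP length field disagrees with the buffer")
    pos = 4
    while pos < length:
        if pos + 2 > length:
            raise ValueError("truncated option header")
        opt_type, opt_len = lcp[pos], lcp[pos + 1]
        if opt_len < 2 or pos + opt_len > length:
            raise ValueError("option length out of bounds")
        data = lcp[pos + 2:pos + opt_len]
        if opt_type == OPT_AUTH_PROTOCOL:
            proto = int.from_bytes(data[:2], "big")
            if proto == PPP_PAP:
                return "PAP"
            if proto == PPP_CHAP and len(data) == 3:
                return CHAP_ALGORITHMS.get(data[2], "CHAP-unknown")
            return "unknown"
        pos += opt_len
    return "none"  # no authentication requested at all


def encryption_possible(lcp: bytes) -> bool:
    return parse_auth_option(lcp) in ENCRYPTION_CAPABLE


def build_request(options: bytes, ident: int = 1) -> bytes:
    # Helper for the constructed samples: wraps raw option bytes in an LCP header.
    return struct.pack("!BBH", LCP_CONFIGURE_REQUEST, ident, 4 + len(options)) + options


# Constructed samples: MRU option (01 04 05dc) followed by an auth option.
SAMPLE_MSCHAPV2 = build_request(bytes.fromhex("010405dc0305c22381"))
SAMPLE_PAP = build_request(bytes.fromhex("010405dc0304c023"))
```

A session negotiated with PAP or CHAP-MD5 returns `False` from `encryption_possible`, which flags a tunnel that cannot be encrypted under the rule stated above.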

The encrypted data is routed over a dial-up or LAN connection by a PPTP device. This device is referred to as a virtual private network or VPN. PPTP uses the VPN device to establish and maintain communication between computers with enhanced privacy and enhanced security. It does this by using Remote Access Service (RAS) and Dial-Up Networking to communicate over dial-up lines and public or private networks.

A Windows CE-based PPTP-client device can connect to a PPTP server in two ways:

  • The PPTP client can dial up to the network access server of an Internet Service Provider (ISP) that supports inbound PPP connections.
  • The PPTP client can connect to a PPTP server by using a physical TCP/IP-enabled LAN connection.

PPTP clients that use an ISP's network access server must be configured with a modem and a VPN device to make the separate connections to the ISP and the PPTP server. The PPTP client first establishes a dial-up connection to an ISP over a modem by using the PPP protocol. The client device then establishes a VPN connection by using PPTP, over the modem and the ISP connection, to tunnel across the Internet to a VPN device on the PPTP server. The second connection requires the first connection because the tunnel between the VPN devices is established by using the modem and PPP connection to the Internet.

The exception to this two-connection requirement is using PPTP to create a virtual private network between computers that are physically connected to the private enterprise network LAN. In this scenario, a PPTP client is already connected to the network and only uses Dial-Up Networking with a VPN device to create the connection to a PPTP server on the LAN.

 Last updated on Friday, April 02, 2004

© 1992-2000 Microsoft Corporation. All rights reserved.