Microsoft White Paper
Understanding PPTP
Point-to-Point Tunneling Protocol (PPTP) is a network protocol that enables the secure transfer of data from a remote client to a private enterprise server by creating a virtual private network (VPN) across TCP/IP-based data networks. PPTP supports on-demand, multi-protocol, virtual private networking over public networks, such as the Internet.
1) PPTP AND VIRTUAL PRIVATE NETWORKING
The networking technology of PPTP is an extension of the remote access Point-to-Point protocol defined in the document by the Internet Engineering Task Force (IETF) titled "The Point-to-Point Protocol for the Transmission of Multi-Protocol Datagrams over Point-to-Point Links," referred to as RFC 1171. PPTP is a network protocol that encapsulates PPP packets into IP datagrams for transmission over the Internet or other public TCP/IP-based networks. PPTP can also be used in private LAN-to-LAN networking.
The PPTP extension of PPP is described in the Internet draft titled "Point-to-Point Tunneling Protocol," draft-ietf-pppext-pptp-00.txt. This draft was submitted to the IETF in June 1996 by the companies of the PPTP Forum: Microsoft Corporation, Ascend Communications, 3Com/Primary Access, ECI Telematics, and US Robotics.
Note
Internet draft documents should be considered works in progress. See www.ietf.org for copies of the Internet drafts and RFCs mentioned in this document. For more information about PPTP, visit our Web site at http://www.microsoft.com/ntserver and see the topic "Network Communications" under "All About..."
This document is for network administrators, support personnel, and developers who need to understand how PPTP can be used to provide low-cost remote access solutions and includes the following topics:
The PPTP protocol is included with the Windows NT® Server version 4.0 and Windows NT Workstation version 4.0 operating systems, and a beta version is available as an add-on for the Windows® 95 operating system. Computers running these operating systems can use the PPTP protocol to securely connect to a private network as a remote access client by using a public data network such as the Internet. In other words, PPTP enables on-demand, virtual private networks over the Internet or other public TCP/IP-based data networks. PPTP can also be used by computers connected to a LAN to create a virtual private network across the LAN.
An important feature in the use of PPTP is its support for virtual private networking through public-switched telephone networks (PSTNs). PPTP simplifies and reduces the cost of deploying an enterprise-wide, remote access solution for remote or mobile users because it provides secure and encrypted communications over public telephone lines and the Internet. PPTP eliminates the need for expensive, leased-line or private enterprise-dedicated communication servers because you can use PPTP over PSTN lines.
Generally, three computers are involved in every PPTP deployment: a PPTP client, a network access server, and a PPTP server.
However, if you are creating a PPTP tunnel between a PPTP client and a PPTP server that are both connected to the same LAN, you do not need a network access server.
The following section describes a typical PPTP scenario using these computers and explains how they relate to each other. It also fully defines each of these components.
A typical deployment of PPTP starts with a remote or mobile PPTP client that uses a local Internet Service Provider (ISP) to access a private enterprise LAN. This PPTP client can be running either Windows NT Server version 4.0, Windows NT Workstation version 4.0, or Windows 95 operating systems.
A PPTP client must make two connections to establish a PPTP tunnel. Figure 1 shows these connections. The client first uses Dial-Up Networking and the remote access protocol, PPP, to connect to a network access server (NAS) at an ISP facility. Once connected, the client can send and receive packets over the Internet. The network access server uses the TCP/IP protocol for all traffic to the Internet.
Note
Network access servers are also referred to as front-end processors (FEPs), dial-in servers or point-of-presence (POP) servers.
The client then uses Dial-Up Networking to make a second logical connection over the existing PPP connection. Data sent using this second connection is in the form of IP datagrams that contain PPP packets, referred to as encapsulated PPP packets.
The second connection creates the virtual private networking (VPN) connection to a PPTP server on the private enterprise LAN (a computer running Windows NT Server version 4.0 and configured as a PPTP server). This connection is referred to as a tunnel.

Figure 1 - Creating a PPTP tunnel
Tunneling is the process of sending packets to a computer on a private network by routing them over some other network, such as the Internet. The other network's routers cannot reach computers on the private network; they know only the address of an intermediary computer, the PPTP server, which is connected to both the routing network and the private network. Both the PPTP client and the PPTP server use tunneling to route packets securely to a computer on the private network through routers that know only the address of that intermediary.
When the PPTP server receives the packet from the routing network, it sends it across the private network to the destination computer. The PPTP server does this by processing the PPTP packet to obtain the private network computer name or address information in the encapsulated PPP packet. Note that the encapsulated PPP packet can carry multi-protocol data: IP, IPX, or NetBEUI. Because the PPTP server is configured to communicate across the private network by using those private network protocols, it can read and forward the multi-protocol packets.
The following figure illustrates the multi-protocol support built into PPTP. A packet sent from the PPTP client to the PPTP server passes through the PPTP tunnel to a destination computer on the private network.

Figure 2 - Connecting a Dial-Up Networking PPTP client to the private network
PPTP encapsulates the encrypted and compressed PPP packets into IP datagrams for transmission over the Internet. The IP datagrams are created using a modified version of the Internet Generic Routing Encapsulation (GRE) protocol (GRE is defined in RFCs 1701 and 1702). These IP datagrams are routed over the Internet until they reach the PPTP server, which is connected to both the Internet and the private network. The PPTP server removes the IP and GRE headers to recover the PPP packet, decrypts it, and then forwards the decrypted payload across the private network using that network's own protocol. As mentioned earlier, the private network protocols supported by PPTP are IPX, NetBEUI, and TCP/IP.
1.2) PPTP Clients
A computer, such as a Microsoft client, that supports the PPTP network protocol can connect to a PPTP server in two ways: by dialing in to an ISP's network access server, or over an IP-enabled LAN connection.
PPTP clients that use an ISP’s network access server must be configured with a modem, a PPTP driver, and a VPN device to make the separate connections to the ISP and the PPTP server. The first connection is a dial-up connection using the PPP protocol over the modem to an Internet service provider. The second connection is a VPN connection using PPTP, over the modem and the ISP connection, to tunnel across the Internet to a VPN device on the PPTP server. The second connection requires the first connection because the tunnel between the VPN devices is established by using the modem and PPP connection to the Internet.
In contrast to PPTP clients that use an ISP’s network access server, clients that use an IP-enabled LAN connection need only be configured with a PPTP driver and a VPN device. Because they are already connected to the LAN, they only need to make one connection: they must use a VPN device to create a connection to a PPTP server on a LAN.
1.3) PPTP-enabled Network Access Servers at an ISP
The previous section describes how a PPTP-enabled dial-up client establishes a PPTP tunnel with a PPTP server. Dial-up clients that are not PPTP-enabled can also take advantage of PPTP by connecting to a PPTP-enabled network access server. The network access server then establishes the PPTP connection to a PPTP server.
In this scenario, the dial-up client can be a Windows 95-based, Windows NT-based, Apple Macintosh, or UNIX client. The architecture described in this document is fundamentally the same; however, all PPTP communication occurs between the network access server and the PPTP server.
PPTP-enabled ISP network access servers are designed and built to accommodate a high number of dial-in clients. Such network access servers are built by companies such as 3Com, Ascend Communications, ECI Telematics, and U.S. Robotics, all members of the PPTP Forum.
Contact your ISP to see if they provide a PPTP service and how you need to configure PPP and Dial-Up Networking to access the ISP server that supports PPTP.
1.4) PPTP Servers on the Private LAN
PPTP servers are servers with routing capabilities that are connected to a private network and to the Internet. In this document, a PPTP server is defined as a computer running Windows NT Server version 4.0 and RAS. PPTP is installed as a network protocol. During installation, PPTP is configured by adding virtual devices referred to as virtual private networks (VPNs) to RAS and Dial-Up Networking configurations. For more information about PPTP server installation requirements, see the document "Installing, Configuring, and Using PPTP with Microsoft Clients and Servers."
This section describes:
2) PPTP Architecture
2.1) PPTP Architecture Overview
The secure communication created using the PPTP protocol typically involves three processes, each of which requires successful completion of the previous process. This document explains these three processes and how they work:
PPP Connection and Communication. A PPTP client uses PPP to connect to an ISP by using a standard telephone line or ISDN line. This connection uses the PPP protocol to establish the connection and encrypt data packets.
PPTP Control Connection. Using the connection to the Internet established by the PPP protocol, the PPTP protocol creates a control connection from the PPTP client to a PPTP server on the Internet. This connection uses TCP and is called the PPTP control connection; the messages exchanged over it set up and maintain the PPTP tunnel.
PPTP Data Tunneling. Finally, the PPTP protocol creates IP datagrams containing encrypted PPP packets which are then sent through the PPTP tunnel to the PPTP server. The PPTP server disassembles the IP datagrams and decrypts the PPP packets, and then routes the decrypted packets to the private network.
2.2) PPP Protocol
PPP is a remote access protocol used by PPTP to send multi-protocol data across TCP/IP-based networks. PPP encapsulates IP, IPX, and NetBEUI packets in PPP frames and sends the encapsulated packets over a point-to-point link established between the sending and receiving computers.
Most PPTP sessions are started by a client dialing up an ISP network access server. The PPP protocol is used to create the dial-up connection between the client and the network access server and performs three functions: it establishes and ends the physical connection, it authenticates the user, and it creates PPP datagrams that contain the encrypted IPX, NetBEUI, or TCP/IP packets.
This entire process is illustrated in the following figure.

Figure 3 - Creating a Dial-Up Networking PPP connection to an ISP
2.3) PPTP Control Connection
The PPTP protocol specifies a series of control messages sent between the PPTP-enabled client and the PPTP server. The control messages establish, maintain and end the PPTP tunnel. The following list presents the primary control messages used to establish and maintain the PPTP tunnel.
Message Type               | Purpose
PPTP_START_SESSION_REQUEST | Starts session
PPTP_START_SESSION_REPLY   | Replies to start session request
PPTP_ECHO_REQUEST          | Maintains session
PPTP_ECHO_REPLY            | Replies to maintain session request
PPTP_WAN_ERROR_NOTIFY      | Reports an error on the PPP connection
PPTP_SET_LINK_INFO         | Configures the connection between client and PPTP server
PPTP_STOP_SESSION_REQUEST  | Ends session
PPTP_STOP_SESSION_REPLY    | Replies to end session request
Table 1 - PPTP Control Message Types
Control messages are transmitted in control packets in a TCP datagram. One TCP connection is created between the PPTP client and the PPTP server. This connection is used to exchange control messages. A datagram contains an IP header, a TCP header, a PPTP control message, and appropriate trailers, similar to the following:

Figure 4 - PPTP TCP Datagram with Control Messages
The exchange of messages between the PPTP client and the PPTP server over the TCP connection is used to create and maintain a PPTP tunnel. This entire process is illustrated below:

Figure 5 - PPTP Control Connection to PPTP Server Over PPP Connection to ISP
Note that in this illustration, the control connection is for the scenario in which the remote access client is the PPTP client. In the scenario in which the remote access client is not PPTP-enabled and uses a PPTP-enabled ISP network access server, the PPTP control connection begins at the ISP server.
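The 12-byte header that every control message in Table 1 shares, as an added example that is not code from this white paper or from Microsoft's implementation: it builds a start-session request and an echo request, and parses and validates received messages the way a PPTP server (or a sensor watching TCP port 1723) must before trusting any field. Field layout and type codes follow RFC 2637, the published form of the Internet draft cited above; the host name and vendor string values are placeholders.

```python
import struct

# Constants from RFC 2637 (the published form of the draft this paper cites)
MAGIC_COOKIE = 0x1A2B3C4D
PPTP_MSG_CONTROL = 1              # PPTP Message Type 1 = control message, 2 = management (unused)
HEADER = struct.Struct("!HHIHH")  # Length, PPTP Message Type, Magic Cookie, Control Message Type, Reserved0

# Control Message Type codes (RFC 2637) mapped to the names used in Table 1 of this paper
CONTROL_TYPES = {
    1: "PPTP_START_SESSION_REQUEST",
    2: "PPTP_START_SESSION_REPLY",
    3: "PPTP_STOP_SESSION_REQUEST",
    4: "PPTP_STOP_SESSION_REPLY",
    5: "PPTP_ECHO_REQUEST",
    6: "PPTP_ECHO_REPLY",
    14: "PPTP_WAN_ERROR_NOTIFY",
    15: "PPTP_SET_LINK_INFO",
}


class PPTPError(ValueError):
    """Raised for a control message that violates the header rules."""


def build_control_message(ctrl_type, body):
    """Prefix a message body with the PPTP control header; Length covers header and body."""
    return HEADER.pack(HEADER.size + len(body), PPTP_MSG_CONTROL, MAGIC_COOKIE, ctrl_type, 0) + body


def build_start_session_request(host_name=b"pptp-client", vendor=b"example"):
    """Start-Control-Connection-Request (PPTP_START_SESSION_REQUEST), 156 bytes in total.
    Body: protocol version 1.0, reserved, framing caps (async|sync), bearer caps
    (analog|digital), max channels, firmware revision, 64-byte host name, 64-byte vendor.
    host_name and vendor are placeholder values."""
    body = struct.pack("!HHIIHH64s64s", 0x0100, 0, 0x3, 0x3, 1, 0, host_name, vendor)
    return build_control_message(1, body)


def build_echo_request(identifier):
    """Echo-Request (PPTP_ECHO_REQUEST): header plus a 4-byte identifier the reply must echo."""
    return build_control_message(5, struct.pack("!I", identifier))


def parse_control_message(data):
    """Validate a received control message and return (name, control type, body).
    Short reads, a wrong magic cookie, a non-control message type, or a Length field that
    disagrees with the bytes actually present are all rejected before any field is used."""
    if len(data) < HEADER.size:
        raise PPTPError("truncated header: %d bytes" % len(data))
    length, msg_type, cookie, ctrl_type, _reserved = HEADER.unpack_from(data)
    if cookie != MAGIC_COOKIE:
        raise PPTPError("bad magic cookie %#x" % cookie)
    if msg_type != PPTP_MSG_CONTROL:
        raise PPTPError("unexpected PPTP message type %d" % msg_type)
    if length < HEADER.size or length > len(data):
        raise PPTPError("length field %d does not match %d bytes received" % (length, len(data)))
    name = CONTROL_TYPES.get(ctrl_type, "UNKNOWN(%d)" % ctrl_type)
    return name, ctrl_type, data[HEADER.size:length]


if __name__ == "__main__":
    sccrq = build_start_session_request()
    print(len(sccrq), parse_control_message(sccrq)[0])      # 156 PPTP_START_SESSION_REQUEST
    print(parse_control_message(build_echo_request(1))[0])  # PPTP_ECHO_REQUEST
```

The Length check matters in practice: a server that trusts the Length field and then indexes into a shorter buffer is reading past the data it received, so the parser rejects the message rather than the reverse.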
2.4) PPTP Data Transmission

Figure 6 - IP datagram containing encrypted PPP packet
The IP delivery header provides the information necessary for the datagram to traverse the Internet. The GRE header is used to encapsulate the PPP packet within the IP datagram. The PPP packet was created by RAS. Note that the PPP packet appears as one unintelligible block because it is encrypted. Anyone who intercepts the IP datagram sees only the headers and that encrypted block; recovering the data requires the session key, which, as described under Understanding PPTP Security, is derived from the user's password, so the protection is only as strong as the key length and the password behind it.
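An added example (not from this paper or from RAS) of the encapsulation shown in Figure 6: a PPP packet is wrapped in the enhanced GRE header and an IP delivery header, then decapsulated with the checks a receiver should make before acting on the payload. The header layout follows RFC 2637 and the PPP protocol numbers are the assigned values for IP, IPX and NetBEUI; the PPP frame is assumed to use address/control field compression, the addresses are documentation addresses, and the PPP payload is left in the clear because the encryption step is not modelled here.

```python
import socket
import struct

IP_PROTO_GRE = 47
GRE_PPTP_PROTO_TYPE = 0x880B  # Protocol Type for PPP in PPTP's enhanced GRE (RFC 2637 section 4.1)
# PPP protocol field values for the three payloads this paper names (assigned PPP numbers)
PPP_PROTOCOLS = {0x0021: "IP", 0x002B: "IPX", 0x003F: "NetBEUI"}


def ipv4_checksum(header):
    """One's-complement header checksum; returns 0 when run over a header whose checksum is correct."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_ppp_frame(protocol, payload):
    """PPP packet as carried in the tunnel: 2-byte protocol field then data.
    Assumption: address/control field compression, so no leading 0xFF03."""
    return struct.pack("!H", protocol) + payload


def build_gre_header(ppp_length, call_id, seq=None, ack=None):
    """Enhanced GRE: C=0 R=0 K=1 S=(seq present) s=0 Recur=0 | A=(ack present) Flags=0 Ver=1,
    Protocol Type 0x880B, Key field = payload length and call ID, then optional seq and ack."""
    first = 0x20 | (0x10 if seq is not None else 0)   # K bit always, S bit when seq present
    second = 0x01 | (0x80 if ack is not None else 0)  # Ver=1, A bit when ack present
    hdr = struct.pack("!BBHHH", first, second, GRE_PPTP_PROTO_TYPE, ppp_length, call_id)
    if seq is not None:
        hdr += struct.pack("!I", seq)
    if ack is not None:
        hdr += struct.pack("!I", ack)
    return hdr


def build_pptp_datagram(src, dst, call_id, seq, ppp_protocol, payload, ack=None):
    """IP delivery header + GRE header + PPP packet, the structure of Figure 6."""
    ppp = build_ppp_frame(ppp_protocol, payload)
    gre = build_gre_header(len(ppp), call_id, seq, ack)
    total = 20 + len(gre) + len(ppp)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total, 0x1234, 0x4000, 64, IP_PROTO_GRE, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    ip = ip[:10] + struct.pack("!H", ipv4_checksum(ip)) + ip[12:]
    return ip + gre + ppp


def parse_pptp_datagram(packet):
    """Decapsulate one datagram. Returns a dict, or None if it is not a well-formed PPTP/GRE datagram."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return None
    ihl = (packet[0] & 0x0F) * 4
    total = struct.unpack("!H", packet[2:4])[0]
    if ihl < 20 or total > len(packet) or total < ihl or packet[9] != IP_PROTO_GRE:
        return None
    if ipv4_checksum(packet[:ihl]) != 0:
        return None  # corrupted or forged delivery header
    gre = packet[ihl:total]
    if len(gre) < 8:
        return None
    first, second, ptype, ppp_length, call_id = struct.unpack("!BBHHH", gre[:8])
    if (second & 0x07) != 1 or ptype != GRE_PPTP_PROTO_TYPE or not (first & 0x20):
        return None  # not version 1, not PPP, or no Key field: not a PPTP data packet
    has_seq, has_ack = bool(first & 0x10), bool(second & 0x80)
    offset = 8 + 4 * has_seq + 4 * has_ack
    if len(gre) < offset:
        return None
    seq = struct.unpack("!I", gre[8:12])[0] if has_seq else None
    ack = struct.unpack("!I", gre[offset - 4:offset])[0] if has_ack else None
    ppp = gre[offset:offset + ppp_length]
    if len(ppp) != ppp_length or ppp_length < 2:
        return None  # payload length field must match what is actually present
    proto = struct.unpack("!H", ppp[:2])[0]
    return {"call_id": call_id, "seq": seq, "ack": ack,
            "ppp_protocol": PPP_PROTOCOLS.get(proto, "%#06x" % proto), "payload": ppp[2:]}
```

The call ID in the Key field is what lets one PPTP server multiplex many tunnels over the same IP protocol 47 stream; a receiver that does not check it against an established session, or that trusts the payload length field over the bytes actually received, is the kind of defect the parser above is written to avoid.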
3) Understanding PPTP Security
PPTP extends the strict authentication and encryption security available to computers running RAS under Windows NT Server version 4.0, Windows NT Workstation version 4.0, or Windows 95 to PPTP clients on the Internet. PPTP can also protect the PPTP server and the private network by ignoring all but PPTP traffic. Despite the strict security, it is simple to use PPTP with existing firewalls. This section will help you understand and plan authentication, access control, data encryption, PPTP packet filtering, and the use of PPTP with firewalls and routers.
3.1) Authentication
Initial dial-in authentication may be required by an ISP network access server. If this authentication is required, it is strictly to log on to the ISP network access server; it is not related to Windows NT-based authentication. Check with your ISP for their authentication requirements, and apply them in the Dial-Up Networking configuration for that ISP.
On the other hand, the PPTP tunnel server controls all access to your private network: the PPTP server is the gateway to your private network and requires a standard Windows NT-based logon. All PPTP clients must supply a user name and password. Remote access logon from a computer running Windows NT Server version 4.0, Windows NT Workstation version 4.0, or Windows 95 is therefore subject to the same accounts and account controls as logging on from a Windows-based computer connected to the local LAN; how well it stands up to an attacker on the Internet depends on the authentication protocol and the password quality discussed below.
Authentication of remote PPTP clients is done by using the same PPP authentication methods used for any RAS client dialing directly to a RAS server. Microsoft’s implementation of RAS supports the Challenge Handshake Authentication Protocol (CHAP), the Microsoft Challenge Handshake Authentication Protocol (MS-CHAP), and the Password Authentication Protocol (PAP) authentication schemes.
Note
MS-CHAP authentication supports the MD4 hash as well as the earlier authentication scheme used in Microsoft LAN Manager. The LAN Manager scheme is the weaker of the two and should not be relied on where all clients support the MD4-based response.
As with all user accounts, the user accounts of remote users reside in the Windows NT Server version 4.0 directory and are administered through User Manager for Domains. This provides centralized administration that is integrated with the private network’s existing user accounts. Only accounts that have been granted specific access to the network through a trusted domain are permitted. Careful management of user accounts is necessary to reduce security risks.
Having a secure password model in place is critical to a successful PPTP deployment because an Internet-facing server is exposed to automated password-guessing programs (so-called "demon dialers"), which can work through thousands of user name and password combinations.
Strong password policies are the first line of defense against this type of attack, because a guessing attack succeeds only when the password is guessable. Passwords should be difficult to guess: for example, require that passwords contain characters from at least three of the four classes uppercase letters, lowercase letters, numbers, and special characters, so that every password has enough variety to resist a dictionary. Account lockout after repeated failed logons limits guessing against the live server, but it does not help against guesses tested offline by an attacker who has captured an authentication exchange, which is why the password policy itself must be strong.
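An added example, not from this paper: a challenge-response authentication exchange of the kind the section describes, together with the offline guessing attack that a strong password policy defends against. It uses standard CHAP (RFC 1994, MD5 over identifier, secret and challenge), which can be written with the standard library, rather than MS-CHAP; the principle that a captured exchange can be attacked offline without ever contacting the server is the same. The account names, secrets and word list are constructed sample data, and meets_policy is a hypothetical checker for the three-character-class rule recommended above.

```python
import hashlib
import hmac
import os


def chap_response(identifier, secret, challenge):
    """CHAP (RFC 1994, MD5): Response = MD5(Identifier || secret || Challenge).
    The secret never crosses the link, unlike PAP, which sends the password in clear."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


class ChapServer:
    """Server side of the exchange. Standard CHAP needs the secret in clear on the server;
    MS-CHAP works from the stored password hash instead, but the exchange has the same shape."""

    def __init__(self, accounts):
        self.accounts = accounts  # user name -> secret (constructed sample data)

    def new_challenge(self):
        """Identifier and a 16-byte challenge; both must be fresh and unpredictable per attempt."""
        return os.urandom(1)[0], os.urandom(16)

    def verify(self, user, identifier, challenge, response):
        secret = self.accounts.get(user)
        if secret is None:
            return False
        expected = chap_response(identifier, secret, challenge)
        return hmac.compare_digest(expected, response)  # constant-time comparison


def offline_guess(identifier, challenge, response, candidates):
    """An eavesdropper who captured one exchange tests candidate passwords offline. No server is
    contacted, so account lockout or rate limiting never triggers; only password strength limits it."""
    for candidate in candidates:
        if chap_response(identifier, candidate, challenge) == response:
            return candidate
    return None


def meets_policy(password, min_length=8, min_classes=3):
    """The policy this paper recommends: characters from at least three of the four classes
    upper, lower, digit, special (minimum length is an added assumption)."""
    classes = (any(c.isupper() for c in password), any(c.islower() for c in password),
               any(c.isdigit() for c in password), any(not c.isalnum() for c in password))
    return len(password) >= min_length and sum(classes) >= min_classes


if __name__ == "__main__":
    server = ChapServer({"alice": b"summer96", "bob": b"Tunnel!Gre47"})
    ident, chal = server.new_challenge()
    captured = chap_response(ident, b"summer96", chal)          # what an eavesdropper sees
    print(server.verify("alice", ident, chal, captured))        # True
    wordlist = [b"password", b"letmein", b"summer96", b"qwerty"]  # constructed word list
    print(offline_guess(ident, chal, captured, wordlist))       # b'summer96'
    print(meets_policy("summer96"), meets_policy("Tunnel!Gre47"))  # False True
```

Note that the policy check and the guessing attack agree on the weak password: the one that fails the three-class rule is the one recovered from the captured exchange, while the password that satisfies the rule is outside the attacker's word list.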
3.2) Access Control
After authentication, all access to a private LAN continues to use the Windows NT-based security model. Access to resources on NTFS drives, or to other network resources requires the proper permissions. It is recommended that the NTFS file system is used for file resources that are accessed by PPTP clients.
For more information about using security on NTFS drives or other network resources, see your product documentation or the Windows NT Workstation version 4.0, Windows NT Server version 4.0, or Windows 95 Resource Kits.
3.3) Data Encryption
For data encryption, PPTP uses the Remote Access Server (RAS) "shared-secret" encryption process. It is referred to as shared-secret encryption because both ends of the connection hold the same encryption key. Under the Microsoft implementation of RAS, the shared secret is the user password. (Other methods base encryption on a key pair, one half of which is published; this approach is known as public key encryption.)
PPTP uses the PPP encryption and PPP compression schemes. PPP's Compression Control Protocol (CCP) is used to negotiate encryption as well as compression.
The PPTP client supplies its user name and password, which are available to the PPTP server. An encryption key is derived from the hashed password held on both the client and the server: a 40-bit session key is derived from the client's password hash, and the RSA RC4 stream cipher uses this key to encrypt all data passed over the Internet, keeping the remote connection private. Because the key depends only on the password, the confidentiality of the tunnel is no better than the secrecy and strength of that password, and the 40-bit key length bounds the effort of an exhaustive key search.
The data in PPP packets is encrypted. The PPP packet containing a block of encrypted data is then encapsulated in a larger IP datagram for routing over the Internet to the PPTP server. If an attacker on the Internet intercepted the IP datagram, he or she would find only media headers, IP headers, and then the PPP packet containing a block of encrypted data, which is unreadable without the session key.
Note
Users in the United States and Canada can obtain a 128-bit session key through a cryptography pack for use inside the US. Contact your Microsoft reseller for more information.
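An added example (not the RAS algorithm): an RC4 stream cipher under a 40-bit key derived from a password, showing the failure mode that matters for a shared-secret scheme of this kind. If two messages are encrypted under the same key from the same keystream position, the XOR of the two ciphertexts equals the XOR of the two plaintexts, so an attacker who knows or guesses one message reads the other without touching the key. session_key_from_password is a hypothetical derivation (SHA-1 of the password, truncated to 40 bits) since the page does not give the actual one; the sample messages are constructed.

```python
import hashlib


def rc4_keystream(key, length):
    """Plain RC4: key scheduling then the pseudo-random generation loop. Pure Python, illustration only."""
    S = list(range(256))
    j = 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    out = bytearray()
    i = j = 0
    for _ in range(length):
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) & 0xFF])
    return bytes(out)


def rc4(key, data):
    """Encryption and decryption are the same operation: XOR with the keystream."""
    return bytes(a ^ b for a, b in zip(data, rc4_keystream(key, len(data))))


def session_key_from_password(password, bits=40):
    """Hypothetical derivation, NOT the RAS one: hash the password and keep the first `bits` bits.
    The paper states only that the 40-bit key comes from the hashed password. Whatever the real
    derivation, the key is a function of the password alone, which is the property shown below."""
    return hashlib.sha1(password.encode("utf-16-le")).digest()[: bits // 8]


def recover_second_plaintext(c1, p1, c2):
    """Keystream reuse: c1 XOR c2 = p1 XOR p2 when both were encrypted under the same key from the
    same keystream position, so a known (or guessed) p1 yields p2 with no key recovery at all."""
    keystream = bytes(a ^ b for a, b in zip(c1, p1))
    return bytes(a ^ b for a, b in zip(c2, keystream))


if __name__ == "__main__":
    key = session_key_from_password("summer96")  # 5 bytes = 40 bits
    p1 = b"GET /payroll HTTP/1.0\r\n"             # constructed sample traffic
    p2 = b"user=alice&pin=4721\r\n"
    c1, c2 = rc4(key, p1), rc4(key, p2)
    print(recover_second_plaintext(c1, p1, c2))    # b'user=alice&pin=4721\r\n'
```

Two consequences follow for a deployment: the key must not be reused across sessions or directions without a per-session component, and a 40-bit key space (about 1.1 trillion keys) is small enough that key length, not only password quality, limits the protection; the 128-bit cryptography pack mentioned above addresses the second point.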
3.4) PPTP Packet Filtering
PPTP filtering causes the PPTP server to accept only PPTP traffic on its Internet-facing adapter and to discard everything else, which protects the server and the private network behind it. PPTP filtering is enabled on the PPTP server using the Protocols tab in the Network option of Control Panel. For step-by-step instructions on enabling PPTP filtering, see the white paper titled "Installing, Configuring, and Using PPTP with Microsoft Clients and Servers."
3.5) Using PPTP with Firewalls and Routers
PPTP control traffic uses TCP port 1723, and the tunneled data is carried in IP protocol 47 (GRE), both as assigned by the Internet Assigned Numbers Authority (IANA). PPTP can be used with most firewalls and routers by permitting traffic to TCP port 1723 and IP protocol 47 through the firewall or router. Note that protocol 47 is not a TCP or UDP port: a device whose filter rules can express only TCP and UDP ports cannot pass the data channel, so it must support rules on the IP protocol number.
Firewalls ensure corporate network security by strictly regulating data that comes into the private network from the Internet. An organization can deploy a PPTP server running Windows NT Server version 4.0 behind its firewall. The PPTP server accepts PPTP packets passed to the private network from the firewall and extracts the PPP packet from the IP datagram, decrypts the packet, and forwards the packet to the computer on the private network.
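An added example, not from this paper: a packet classifier and rule function that passes only PPTP control traffic (TCP port 1723) and PPTP data (IP protocol 47 carrying GRE version 1 with the PPP protocol type) to or from the PPTP server, and denies everything else. This is the rule set a firewall in front of the server applies, and it is also the behaviour of PPTP filtering on the server itself described in the previous section. Addresses are documentation addresses, and the IPv4 headers it constructs for test traffic carry no checksum.

```python
import socket
import struct

PPTP_CONTROL_PORT = 1723
IP_PROTO_TCP, IP_PROTO_GRE = 6, 47
GRE_PPTP_PROTO_TYPE = 0x880B  # PPP inside PPTP's version-1 GRE


def make_ipv4(proto, src, dst, payload):
    """Minimal IPv4 header (checksum left zero) around a payload; constructed test traffic only."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, proto, 0,
                      socket.inet_aton(src), socket.inet_aton(dst))
    return hdr + payload


def tcp_ports(sport, dport):
    """First 20 bytes of a TCP header: the two ports followed by zeroed fields."""
    return struct.pack("!HH", sport, dport) + b"\x00" * 16


def gre_header(version, ptype):
    """GRE header with the given version and protocol type; PPTP (version 1) sets the K and S bits."""
    first = 0x30 if version == 1 else 0x00
    return bytes([first, version]) + struct.pack("!H", ptype) + b"\x00" * 8


def classify(packet):
    """'control' for TCP traffic involving port 1723, 'data' for GRE version 1 carrying PPP, else None."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return None
    ihl = (packet[0] & 0x0F) * 4
    proto, payload = packet[9], packet[ihl:]
    if proto == IP_PROTO_TCP and len(payload) >= 4:
        sport, dport = struct.unpack("!HH", payload[:4])
        if PPTP_CONTROL_PORT in (sport, dport):
            return "control"
    elif proto == IP_PROTO_GRE and len(payload) >= 4:
        version, ptype = payload[1] & 0x07, struct.unpack("!H", payload[2:4])[0]
        if version == 1 and ptype == GRE_PPTP_PROTO_TYPE:
            return "data"
    return None


def pptp_filter(packet, pptp_server):
    """Rule set for a firewall in front of the PPTP server, or for PPTP filtering on the server:
    permit PPTP control and data packets addressed to or from the server; deny everything else,
    including plain (version 0) GRE, which opening 'protocol 47' wholesale would let through."""
    kind = classify(packet)
    if kind is None:
        return "deny"
    src, dst = socket.inet_ntoa(packet[12:16]), socket.inet_ntoa(packet[16:20])
    return "permit" if pptp_server in (src, dst) else "deny"


if __name__ == "__main__":
    server = "203.0.113.10"
    for name, pkt in [("control", make_ipv4(6, "198.51.100.7", server, tcp_ports(40000, 1723))),
                      ("pptp data", make_ipv4(47, "198.51.100.7", server, gre_header(1, 0x880B))),
                      ("plain gre", make_ipv4(47, "198.51.100.7", server, gre_header(0, 0x0800))),
                      ("http", make_ipv4(6, "198.51.100.7", server, tcp_ports(40000, 80)))]:
        print(name, classify(pkt), pptp_filter(pkt, server))
```

Because the data channel is not TCP, a stateful firewall cannot tie it to the control connection by port number; matching on the GRE version and protocol type, as above, is what distinguishes PPTP data from any other use of protocol 47.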