PPTP data encryption

Misha ( misha@hern.org )
Thu, 12 Feb 1998 01:51:43 -0600 (CST)

I have been messing with PPTP for several days and have really tried to
hold off posting dumb questions, and have finally got it working to the
point where it runs, but some things are definately broken.

The PPTP server is on a LAN, no RAS devices other than PPTP ports
attached. The LAN has a dedicated connection, no firewalls or filtering is
involved.

1) PPTP runs with TCP/IP and Netbeui without a problem with IP addresses
assigned from a static pool, data enryption off. Sniffing the network
proved that indeed it doesnt encrypt a thing. Enabling data encryption on
both the server and the client results in error "726 Data Encryption is
not Supported on the Remote Server" (the actual wording may differ), while
I know that encryption is on. Microsoft site has no info on it, Usenet
shows that people experience the same problem but no one knows why. Any
clues?

2) While the server is running IP only and the clients dial up the net
with an analog conection, getting a dynamic IP then establishing the
connection to the PPTP server everything appears to be routing through
PPTP except for any traffic destined for the IP of the PPTP server, like
so:

Server IP: 203.253.208.246
RAS Interface: 203.253.208.15
203.253.208.16

Client IP: 209.113.30.5
PPTP IP: 203.253.208.16

All traffic gets routed through 203.253.208.16 except traffic to
203.253.208.246 which comes out of 209.113.30.5, due to the route in the
routing table naturally, though I have no clue on how it gets there.

3) Some documents say that a registry change adding
"DisableOtherSRCPackets" is needed in the /Services/RASArp/Parameters key,
though some docs say it needs to be added on the server, other say that it
needs to be on the client, none say what exactly it does so I can make a
decision for myself. Any ideas?

I need to do some extensive testing on PPTP to be able to recommend it to
my clients but have a hard time finding relaible info. If anyone has a lot
of experience with it I would like a chance to drop my questions on you
once in a while. Some other questions I have are:

Does RRAS improve PPTP in any way and is it nessesary if no other routing
features are needed?

Do the Option Packs Internet Connecton Services have any value to them
what so ever?

How stable is PPTP for Server to Server tunneling and exactly how secure
is PPTP encryption?

Misha
Insync Internet