Ask the Expert

Encryptions for PPTP and VPN connections

Can you clarify for me whether PPTP VPN connections are encrypted and if they go through a router and a NAT? I have read somewhere that the communications are not encrypted if they go through a router. I am forced to connect to a NT4 host. Am I correct in thinking that this means I cannot use IPSec or L2TP?

I always try to start my answers with a bit of background first.

NAT as you know, is used to reassign the private IP addresses of client machines inside a network to be published. One of the advantages of NAT is that fewer published (or officially assigned) IP addresses are required because the NAT can reuse the same IP's at different times. For security reasons, another advantage is that the internal IP's are never made known outside the enterprise.

With this in mind, a disadvantage of NAT is that some protocols, such as IPSec and L2TP, cannot pass-through the "translation" process. Both the IPSec and L2TP/IPSec are not able to do the automated exchange of keys across a NAT.

A VPN is a private channel typically created across a network (like the Internet) that connects two computers. The VPN client connects to the VPN server using a tunneling protocol, such as PPTP. Both the client and the server much have IPs assigned. PPTP can be used for both client-to-gateway and gateway-to-gateway scenarios. PPTP can pass through a NAT. In fact, Microsoft recommends that PPTP be used in scenarios that require a NAT-capable VPN connection.

This was first published in May 2001

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: