Home
Topics
Microsoft Windows desktop operating systems security management
Network intrusion detection and prevention and malware removal
Encryptions for PPTP and VPN connections

Encryptions for PPTP and VPN connections

Can you clarify for me whether PPTP VPN connections are encrypted and if they go through a router and a NAT? I have read somewhere that the communications are not encrypted if they go through a router. I am forced to connect to a NT4 host. Am I correct in thinking that this means I cannot use IPSec or L2TP?

I always try to start my answers with a bit of background first.

NAT as you know, is used to reassign the private IP addresses of client machines inside a network to be published. One of the advantages of NAT is that fewer published (or officially assigned) IP addresses are required because the NAT can reuse the same IP's at different times. For security reasons, another advantage is that the internal IP's are never made known outside the enterprise.

With this in mind, a disadvantage of NAT is that some protocols, such as IPSec and L2TP, cannot pass-through the "translation" process. Both the IPSec and L2TP/IPSec are not able to do the automated exchange of keys across a NAT.

A VPN is a private channel typically created across a network (like the Internet) that connects two computers. The VPN client connects to the VPN server using a tunneling protocol, such as PPTP. Both the client and the server much have IPs assigned. PPTP can be used for both client-to-gateway and gateway-to-gateway scenarios. PPTP can pass through a NAT. In fact, Microsoft recommends that PPTP be used in scenarios that require a NAT-capable VPN connection.

More News and Tutorials

Articles

Related glossary terms

Terms for Whatis.com - the technology online dictionary
- stack overflow

This was first published in May 2001

Join the conversationComment

Share

Comments

Results

Contribute to the conversation

All fields are required. Comments will appear at the bottom of the article.

Back to top

More from Related TechTarget Sites

Virtual Desktop
Windows Server
Windows IT
Exchange

Virtual Desktop
- Citrix simplifies VDI again with XenDesktop 7-XenApp combo
  
  Citrix VDI admins can deploy and manage XenDesktop and XenApp under the same architecture, something they expected for years.
- Citrix kills its Application Streaming feature, directs users to App-V
  
  Citrix has officially ceased development and support for its Application Streaming feature, and has directed IT pros to use Microsoft App-V instead.
- Citrix expected to tackle mobile application delivery, VDI costs
  
  As Citrix Synergy 2013 kicks off in Anaheim, attendees hope to learn about new desktop and application delivery strategies for the mobile world.
Windows Server
- Microsoft delivers patch updates for Windows Server 2012, Windows 8
  
  Microsoft delivered two critical and eight important bulletins in May's Patch Tuesday release, fixing issues in Windows Server 2012 and Office apps.
- Windows Azure Active Directory steps out of the shadows
  
  As Windows Azure Active Directory moves into general availability, we look at how it can help admins manage user authentication in the cloud.
- Steps to read XML files with PowerShell
  
  Wondering how to get PowerShell to read XML files? Our expert explains a few methods you could use.
Windows IT
- How to advance your cloud skills and get ahead of the gap
  
  There may be a growing shortage of IT pros with cloud skills, but you can take action now and become a valuable asset with the right skills.
- Prepare for a SharePoint 2013 upgrade with five tips
  
  Considering an upgrade to SharePoint 2013? Find out the answers to the most common questions IT pros will ask before making the jump.
- Prioritize your IT tasks and finally conquer your to-do list
  
  It's easy to feel overwhelmed by a growing to-do list of IT tasks, but there are easy ways you can decide what to tackle first and what can wait.
Exchange
- Dismounted Exchange 2010 database refuses to mount
  
  A frustrated admin wants to know how to remount his Exchange 2010 database after discovering event ID 5003. One of our experts offers proper guidance.
- Exchange Global Address List updates not replicating to sites
  
  For some reason, an admin's Exchange Global Address List updates are not updating to sites. Our expert has several suggestions to fix the issue.
- Replacing Forefront TMG: Alternate reverse-proxy options for Exchange
  
  With the discontinuation of Forefront TMG, Exchange admins are left wondering what to do moving forward. The available options may surprise you.

All Rights Reserved,Copyright 2008 - 2013, TechTarget