What Is PPTP: Point-to-Point Tunneling Protocol

A now-obsolescent protocol that helped pave the way for modern VPNs

Router with RJ45 cables

Teeraphon Phooma / EyeEm / Getty Images

Point-to-Point Tunneling Protocol is a network protocol mostly used with Windows computers. Nowadays, it's considered obsolete for use in virtual private networks because of its many known security deficiencies. Nevertheless, PPTP is still in use in some networks.

A Brief History of PPTP

PPTP is a network tunneling protocol that was developed in 1999 by a vendor consortium formed by Microsoft, Ascend Communications (today part of Nokia), 3Com, and other groups. PPTP was designed to improve on its predecessor Point-to-Point Protocol, a data link layer (Layer 2) protocol designed to connect two routers directly.

While it's considered a fast and stable protocol for Windows networks, PPTP is no longer considered secure. PPTP has been superseded by safer and more secure VPN tunneling protocols, including OpenVPN, L2TP/IPSec, and IKEv2/IPSec.

How PPTP Works

PPTP is an outgrowth of PPP, and as such, is based on its authentication and encryption framework. Like all tunneling technologies, PPTP is used to encapsulate data packets, creating a tunnel for data to flow across an IP network.

PPTP uses a client-server design (the technical specification is contained in Internet RFC 2637) that operates at Layer 2 of the OSI model. Once the VPN tunnel is established, PPTP supports two types of information flow:

  • Control messages for managing and eventually tearing down the VPN connection. Control messages pass directly between VPN client and server.
  • Data packets that pass through the tunnel, i.e. to or from the VPN client.

People usually obtain the PPTP VPN server address information from their server administrator. Connection strings can either be a server name or an IP address.

PPTP Protocols

PPTP uses General Routing Encapsulation tunneling to encapsulate data packets. It uses TCP port 1723 and IP port 47 through the Transport Control Protocol. PPTP supports up to 128-bit encryption keys and Microsoft Point-to-Point Encryption standards.

Tunneling Modes: Voluntary and Compulsory

The protocol supports two types of tunneling:

  • Voluntary Tunneling: A type of tunneling that is initiated by the client (i.e Microsoft Windows) on an existing connection with a server.
  • Compulsory Tunneling: A type of tunneling initiated by the PPTP server at the ISP, which requires the remote access server to create the tunnel.

Is PPTP Still Being Used?

In spite of its age and security shortcomings, PPTP is still used in some network implementations—mostly internal business VPNs in older offices. The advantages of PPTP are that it's easy to set up, it's fast, and because it's built-in on most platforms, you don't need any special software to use it. All you need to set up a connection are your login credentials and a server address.

However, the fact that it's easy to use doesn't mean you should use it, especially if having a high level of security is important to you. In that case, you should use a more secure protocol for your VPN network, such as OpenVPN, L2TP/IPSec, or IKEv2/IPSec.