- 1 What Is PPTP?
- 2 Here’s How PPTP Works
- 3 What Is PPTP Passthrough?
- 4 Is PPTP Secure?
- 5 Is PPTP Fast?
- 6 How Simple Is the PPTP Setup Process?
- 7 What Is PPTP VPN Support?
- 8 Need a Reliable PPTP VPN That Also Offers More Protocols?
- 9 PPTP Advantages and Disadvantages
- 10 How Does the PPTP Protocol Compare to Other VPN Protocols?
- 11 What Is PPTP? The Bottom Line
What Is PPTP?
PPTP stands for Point-to-Point Tunneling Protocol, and it’s a VPN protocol that was introduced back in 1995, though it was in development ten years prior to that date. PPTP improved on the previous PPP standard which lacked the tunneling feature. What started out as a protocol implement in Windows systems quickly became a widespread VPN protocol available on numerous platforms.
Being a VPN protocol, PPTP is a set of rules that’s responsible for ensuring the VPN client -> VPN server communication process is handled properly.
Here’s How PPTP Works
Basically, the PPTP client establishes a connection (also called a “tunnel”) to the PPTP server through it transports all your online data and traffic, securing it with its encryption at the same time.
That’s the simpler explanation. If you want a more complex definition, you should know that PPTP encapsulates network data and puts into an IP envelope. From then on, every time a router or any other device will encounter that data, it will treat it as an IP packet. Once the data is received by the PPTP server, it’s forwarded to the web or the destination device.
The PPTP tunnel is established by communicating with the peer on TCP port 1723. That connection is then used to establish and manage the encapsulating tunnel to the same peer. Also, at both ends of the PPTP encryption tunnel, the protocol will authenticate the data packets which are transferred.
General Technical Details About PPTP
- In order to establish a connection to a server, PPTP only needs the server address, and a username alongside a password.
- A PPTP connection is very cross-platform compatible. The protocol works on Windows, Linux, macOS, iOS, Android, Tomato, DD-WRT, and other operating systems and devices.
- PPTP uses GRE (General Routing Encapsulation), TCP port 1723, and IP port 47.
- PPTP supports encryption keys up to 128-bits, and it uses MPPE (Microsoft Point-to-Point Encryption).
Tunneling Types Supported by PPTP
- Voluntary Tunneling – This type of tunneling is initiated by the client, so no ISP or bridge support is required.
- Compulsory Tunneling – Since this type of tunneling is initiated by the PPTP server, router and network access server support is necessary.
What Is PPTP Passthrough?
We already have an article on what VPN Passthrough is if you want to learn more about this topic, but here’s the shorter version so that you can quickly understand PPTP Passthrough:
Basically, pretty much all devices connect to the web through a NAT device (normally, a router). Well, the problem is that PPTP isn’t natively supported on NAT, meaning a PPTP connection can’t be established. PPTP Passthrough is a router feature that solves that issue, and allows PPTP VPN connections to traverse NAT.
How Does PPTP Passthrough Work?
VPN Passthrough is all about getting a router to allow data packets that originate from a VPN client to pass through NAT in order to reach the VPN server.
When it comes to PPTP Passthrough, here are the main thing you need to know:
- PPTP is said to use GRE, but – to be more specific – it actually used Enhanced GRE.
- Enhanced GRE has a feature known as “Call ID.” A unique Call ID is generated every time a PPTP connection is established, which is then inserted in the modified header of the data packet.
- The unique Call ID can actually be used as a sort of replacement for ports on NAT since it can be used to identity PPTP VPN clients behind NAT. It’s worth noting that the Call ID feature is used as a substitute for ports only for PPTP traffic.
- Routers must “know” how to switch between ports and Call ID’s when they are dealing with PPTP traffic. The ability to do just that in order to let PPTP traffic through is exactly what PPTP Passthrough is.
Is PPTP Secure?
PPTP used to be secure, but that’s no longer the case. Simply put, PPTP security is extremely outdated by today’s standards, and using this protocol to secure your online data is very risky.
Here’s a quick overview of all the security issues PPTP has:
- There is documented proof that the NSA has actually managed to crack PPTP traffic.
- PPTP can use MS-CHAP-v1 for authentication. The problem with that is MS-CHAP-v1 is not secure since there are tools that make it possible for cybercriminals to extract NT Password hashes from an exchange.
- While PPTP can use MS-CHAP-v2 for authentication as well, it’s not a safe option either. Apparently, MS-CHAP-v2 is vulnerable to dictionary attacks and a MS-CHAP-v2 D4 passphrase can actually be cracked in approximately 23 hours.
- Since MPPE (the encryption used by PPTP) uses the RC4 stream cipher, a hacker could use a bit-flipping attack to take advantage of the fact that the ciphertext is vulnerable because there is no authenticate the ciphertext stream.
- All of the security issues discussed above are pretty well-known by now, and that makes PPTP traffic a very likely target for hackers since it’s so vulnerable to malicious attacks.
Is PPTP Fast?
Yes, due to its low level of encryption, PPTP is capable of offering fast connection speeds. Normally, VPN encryption can lower your online speeds, but – in this case – that shouldn’t be much of a problem.
How Simple Is the PPTP Setup Process?
When it comes to the setup, PPTP connections are pretty popular with most VPN users because this protocol is very easy to set up and configure. That’s mostly due to PPTP being integrated into most operating systems and devices. Even Linux users have an easy time setting up a PPTP connection.
Generally, it’s enough to just tweak a few settings and enter some server-related data in your operating system’s network settings area, and you’re done setting up a PPTP connection.
What Is PPTP VPN Support?
PPTP VPN support refers to a VPN provider who offers its users access to a PPTP connection when they use their services. Usually, you’ll be able to choose what type of connection you want to use (PPTP in this case) before you connect to one of the VPN provider’s servers.
Be careful with VPN providers who only offer PPTP connections, though. Like we already discussed, this VPN protocol isn’t reliable and secure anymore, so it’s better to have other VPN protocols to choose from alongside PPTP when using a VPN on the Internet.
Need a Reliable PPTP VPN That Also Offers More Protocols?
If you’re looking for a decent VPN to help you quickly bypass annoying geo-blocks, we’ve got you covered. CactusVPN offers PPTP connections and 28+ high-speed servers. Plus, every single one of our servers come equipped with unlimited bandwidth.
That’s not all – besides PPTP, you can also choose from five other VPN protocols when you access the web: OpenVPN, SoftEther, IKEv2/IPSec, SSTP and L2TP/IPSec.
Enjoy VPN Connections on Tons of Devices
Establishing a PPTP connection and switching between VPN protocols is extremely simple thanks to our user-friendly VPN applications that work on many devices and operating systems Windows, macOS, Android, Android TV, iOS and Fire TV.
Try Out Our PPTP VPN Free of Charge First
Before you choose a subscription plan you’re comfortable with, you can actually test-drive our VPN service for free for 24 hours – no credit card details needed.
And once you become a CactusVPN user, we’ll still have your back with our 30-day money-back guarantee if there are any problems with our service.
PPTP Advantages and Disadvantages
- PPTP is a very fast VPN protocol.
- PPTP is really easy to set up and configure on most operating systems and devices.
- Due to the protocol’s high rate of cross-platform compatibility, a PPTP connection can be established on tons of platforms.
- PPTP encryption is sub-par and not suitable for securing online data and traffic. The NSA has actually cracked PPTP traffic.
- A PPTP connection can be exploited by cybercriminals with malicious attacks.
- A router with PPTP Passthrough is usually required since PPTP doesn’t natively work with NAT.
- A PPTP connection can be blocked quite easily by firewalls.
How Does the PPTP Protocol Compare to Other VPN Protocols?
Here is an overview of how PPTP fares against other protocols most VPN providers usually offer access to:
1. PPTP vs. L2TP/IPSec
If you’re looking for a secure online experience, you’re better off with L2TP/IPSec instead of PPTP. For one, L2TP/IPSec can use 256-bit encryption keys, and it can also use the highly-secure AES cipher. Plus, L2TP/IPSec can be configured to make sure it can’t be blocked by NAT firewalls. On the other hand, PPTP can be blocked by firewalls – sometimes pretty easily even.
Pretty much the only way PPTP is better than L2TP/IPSec is the online speed it offers. Due to its low encryption, PPTP is capable of being very fast, so it might be a more ideal option for those of you who need quick access to geo-blocked content, for instance.
In case you’d like to learn more about L2TP, check out this article.
2. PPTP vs. IKEv2/IPSec
From the get-go, IKEv2/IPSec is significantly safer to use than PPTP since it can use the AES-256 cipher. However, IKEv2/IPSec is harder to set up than PPTP.
Both IKEv2/IPSec and PPTP are very stable – IKEv2/IPSec even more so since it can resist network changes, making it a perfect choice for mobile users. Though, we do need to mention that PPTP ends up being less reliable since it’s easier to block it with firewalls.
Lastly, in terms of speed, both VPN protocols are pretty tied. PPTP can be very fast, and IKEv2/IPSec can be just as fast as well – but with an extra layer of security on top.
If you want to read more about IKEv2/IPSec, follow this link.
3. PPTP vs. IPSec
PPTP and IPSec both use encapsulation technologies, but IPSec is significantly more secure than PPTP. Also, IPSec is not as stable as PPTP, but it’s much harder to block with a firewall since it can encrypt traffic without an end application being aware of it.
On the other hand, PPTP is faster than IPSec, and it’s much easier to configure on the VPN provider’s end.
Want to learn more about IPSec? We’ve already written an article on it.
4. PPTP vs. OpenVPN
Compared to PPTP, OpenVPN features much more secure connections. The protocol can use the AES-256 cipher, can use any port, and there’s also the fact that OpenVPN is open-source, making it more trustworthy than PPTP, which was developed by Microsoft – a company known to collaborate with the NSA.
On top of all that, OpenVPN can’t really be blocked at all, considering that OpenVPN traffic is very hard to tell apart from SSL or HTTPS traffic.
PPTP surpasses OpenVPN when it comes to speeds, though. While it’s true that you can use OpenVPN on UDP for better speeds, it doesn’t really come close to PPTP’s connections speeds. Also, PPTP is significantly easier to configure than OpenVPN (which can take up from a couple of hours to a few days depending on your experience level).
In case you’re interested in reading more about OpenVPN, check out this article.
5. PPTP vs. SoftEther
Even though it’s a relatively new VPN protocol, SoftEther is much more stable than PPTP, is four times faster than it, and significantly safer than PPTP as well since SoftEther uses SSL 3.0 for secure connections and can use 256-bit encryption. What’s more, if you set up a SoftEther VPN server, you’ll get to enjoy support for multiple VPN protocols (like SSTP, OpenVPN, IPSec, L2TP/IPSec, and SoftEther), something a PPTP VPN server can’t offer you.
PPTP shines in comparison to SoftEther when it comes to cross-platform compatibility, ease of setup, and availability. As it stands, SoftEther has no native support on any OS, and it’s a software-based solution, meaning you will need to install additional software if you want to use it – even if the VPN provider offers access to it. Speaking of which, there aren’t many VPN providers who offer SoftEther support right now.
Interested in learning more about SoftEther? Here’s an article we wrote about it.
6. PPTP vs. SSTP
SSTP (Secure Socket Tunneling Protocol) was developed by Microsoft as well, and it was first introduced with Windows Vista. Security-wise, SSTP is much safer than PPTP since it can use 256-bit encryption, and it uses SSL 3.0 just like OpenVPN. That also means it can easily bypass firewall blocking since it uses port 443 – the same port HTTPS traffic uses.
However, SSTP is more limited when it comes to speed (not by much, though). Also, SSTP only comes built-in on Windows operating systems, and it’s configurable on routers, Linux, and Android, so it isn’t available on as many platforms as PPTP is.
In case you’re looking to read more about SSTP, you might be interested in our guide on it.
7. PPTP vs. Wireguard
Wireguard is a very new VPN protocol, and it offers higher security than PPTP. Besides that, it’s also open-source, and allegedly lighter and faster than most VPN protocols.
But – for now at least – PPTP still has the upper hand since it’s faster and much more stable than Wireguard. Not only that, but Wireguard currently only works on Linux, and it’s still in the experimental phase, so it should only be used for testing, not regular online browsing.
If you’d like to read more about Wireguard, here’s an article we wrote about it.
So, Is a PPTP Connection Still Worth It?
Well, despite all its security flaws, PPTP is a good VPN protocol to use. However, we only recommend using it if you are looking for a fast way to unblock and/or stream geo-restricted content. You should not use PPTP – under any circumstance – while accessing sensitive online information (like your email or bank account, for instance).
Still, do keep in mind that – in time – newer operating systems and devices might not support PPTP any more due to its outdated security standards. For example, PPTP is no longer supported on macOS Sierra and iOS 10, and newer versions.
What Is PPTP? The Bottom Line
PPTP (Point-to-Point Tunneling Protocol) is a VPN protocol that’s used to ensure proper communications between a VPN client and a VPN server. It got its start in 1995 on Windows platforms, but is now available on many other operating systems and devices too.
Most VPN providers offer PPTP, but you should only use it for accessing or streaming geo-blocked content. While it is very fast, it’s not secure at all. In fact, using PPTP to access sensitive information (like your bank account or credit card details) is a sure way of getting it stolen.
If you’re looking for a VPN provider, we’d recommend picking one that offers access to multiple VPN protocols. Being limited to only PPTP isn’t ideal, and actually quite dangerous.