PPTP is simple and easy to set up. Requests for connections are initiated, and then
the server goes through a series of challenge and response questions with the client before
attempting to authorize the user. Once the user is authorized, the tunnel is created
and the session is encapsulated via the Generic Routing Encapsulation (GRE) protocol,
which is simply a generic packet that states that its contents contain encapsulated data.
This data is also typically encrypted using Microsoft Point-to-Point Encryption (MPPE).
Data is then sent through this tunnel just as it would be on a regular private network,
except the PPTP layer takes care of all the encryption and encapsulation work as well as
reversing this process on the receiver end.
Layer 2 Tunneling Protocol/IP Security (L2TP/IPSec) is a more complicated tunneling
protocol, but its complication is really born out of its ability to be more flexible.
L2TP by nature is a very insecure tunneling protocol because it provides no encryption
SSTP Connection in Detail
SSTP is designed to make client/server VPN connections much easier with fewer
complications, but it does not support (and is not designed for) creating site-to-site
VPN connections. Those kinds of connections are best fulfilled using one of the
other two tunneling protocols. When an SSTP connection is initiated, it undergoes a
series of steps to establish the tunnel, establish authentication, and manage that connection
through its lifetime.
Pages:
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422