The Point-to-Point Tunneling Protocol (PPTP) is a method for implementing virtual private networks.
PPTP works by sending a regular PPP session to the peer with the Generic Routing Encapsulation (GRE) protocol. A second session on TCP port 1723 is used to initiate and manage the GRE session. PPTP is difficult to forward past a network firewall because it requires two network sessions.
PPTP connections are authenticated with Microsoft MSCHAP-v2 or EAP-TLS. VPN traffic is optionally protected by MPPE encryption, which is described by RFC 3078.
MSCHAP-v2 can be compromised if users choose weak passwords. The certificate-based EAP-TLS provides a superior security option for PPTP.