In Chapter 4, you were introduced to the Point-to-Point Tunneling Protocol, which can be used to create a secure connection between remote users and a network. Out of the box, PPTP is primarily an extension of Windows NT Remote Access Services that helps establish a VPN between an Internet user and a destination network using the RAS server as a gateway. Microsoft’s Routing and Remote Access addendum to Windows NT Server allows for LAN-to-LAN PPTP connections. This chapter mostly contains hands-on material for those of you wanting to set up your own PPTP connections. The first procedure we’ll discuss is how to configure PPTP on your NT server. Rather than going into detail about setting up RAS, we’ll assume that you’ve done it before, and only cover the places where RAS and PPTP intersect in detail. (If you have no RAS experience, the NT Help files can help you out, and there are several good books available on the subject.) When configuring RAS, you’ll specify the number of ports you want to make available for VPN dial-up access. Although most administrators set their RAS servers up for dial-in only, you can also allow outgoing PPTP connections from the server.

RAS also lets you specify which protocols the NT server will route to dial-up users. Limiting the protocols will give you some control over which servers dial-up users can access. For example, allowing only IP will let users get to a TCP/IP email server, but prevent ...