Don't take me wrong, but the fact that a protocol or system is old is not any measure of its quality. As for PPTP it is really crap, full of problems, but you must take into context that it was developed primarily for... Windows! And at a time that MS wouldn't give a 5hit about standards, interoperability, and, to a certain degree, security.
However, I can see some valid uses for PPTP (and for many other old/obsolete stuff), specially in the context of a internal networks. I known there are many other options, but as flawed as it is, it performs quite well.
That said I wish Mikrotik could make an option, per interface, to allow ignoring that message. It's really bad to show it on the list of interfaces. The option could just move the warning to the interface details window.
Well, at least Mikrotik did not take the same road as Apple and still allow it to be used.
Due to these security concerns, PPTP is not recommended for use in most situations. More secure VPN protocols like L2TP/IPsec, IKEv2/IPsec, and OpenVPN should be used instead to ensure the privacy and security of your data.
PPTP traffic uses TCP port 1723 and IP protocol GRE (Generic Routing Encapsulation, IP protocol ID 47), as assigned by the Internet Assigned Numbers Authority (IANA).
Block destination port TCP 1723 in the forward chain, or better block protocol type 47 (GRE) which is used by PPTP. That way you will also block PPTP services on non-standard ports.
PPTP barely offers any security and lacks the encryption that comes with other VPN protocols. This is why if you want to make sure that your connection remains completely secure, then it is better to disable PPTP Passthrough.
Point-to-Point Tunneling Protocol (PPTP) uses TCP port 1723 and IP protocol 47 Generic Routing Encapsulation (GRE). PPTP provides a low-cost, private connection to a corporate network through the Internet. PPTP works well for people who work from home or travel and need to access their corporate networks.
Point-to-Point Tunneling (PPTP) is one of the oldest VPN protocols that was widely used for creating secure, encrypted tunnels in the early 2000s. Developed by Microsoft in 1999, the point-to-point protocol presented an easy and effective way to encrypt communications.
Security concerns: Despite the simplicity and speed, PPTP falls short regarding security. Its encryption is considered weak compared to other VPN protocols, making it vulnerable to attacks. Stability issues: PPTP connections often face stability issues. They can drop frequently, especially on unreliable networks.
In some circ*mstances, there may be ways to enhance the security of existing PPTP implementations. For instance, you could switch from MS-CHAP to EAP-TLS (Extensible Authentication Protocol). This uses Public Key Infrastructure (PKI) to authenticate data via a certificate-based system. PKI isn't for everyone.
For HTTPS to work properly, you need to specify a valid certificate that WebFig can use. You can use a certificate that is issued by a trusted Certificate Authority (CA) or you can create your own root CA and generate self-signed certificates. WebFig supports wildcard certificates.
Introduction: My name is Neely Ledner, I am a bright, determined, beautiful, adventurous, adventurous, spotless, calm person who loves writing and wants to share my knowledge and understanding with you.
We notice you're using an ad blocker
Without advertising income, we can't keep making this site awesome for you.
