Cisco PIX 500 Series Configuration Manual page 1107

Point-to-Point Tunneling Protocol. PPTP was introduced by Microsoft to provide secure remote
PPTP
access to Windows networks; however, because it is vulnerable to attack, PPTP is commonly used
only when stronger security methods are not available or are not required. PPTP Ports are pptp,
1723/tcp, 1723/udp, and pptp. For more information about PPTP, see RFC 2637. See also PAC,
GRE,
Version 1 of GRE for encapsulating PPP traffic.
PPTP GRE
A tunnel defined by a
PPTP GRE tunnel
The tunnel carries
single tunnel. A control connection operating over
maintenance of sessions and of the tunnel itself.
PPTP
PPTP session
A session is created when end-to-end
The datagrams related to a session are sent over the tunnel between the
Standard
PPTP TCP
control session is logically associated with, but separate from, the sessions being tunneled through a
PPTP
A preshared key provides a method of
preshared key
static number of
for each pair of
be configured for every
a more scalable method of
The security appliance normally operating when two units, a primary and secondary, are operating in
primary, primary
unit failover mode.
Privileged EXEC mode lets you to change current settings. Any user EXEC mode command will work
privileged EXEC
mode in privileged EXEC mode. See also
user EXEC
A standard that defines the exchange of packets between network nodes for communication. Protocols
protocol, protocol
work together in layers. Protocols are specified in a security appliance configuration as part of
literals
defining a security policy by their literal values or port numbers. Possible security appliance protocol
literal values are ahp, eigrp, esp, gre, icmp, igmp, igrp, ip, ipinip, ipsec, nos, ospf, pcp, snp, tcp, and
udp.
Enables the security appliance to reply to an
Proxy-ARP
ARP.
A public key is one of a pair of keys that are generated by devices involved in public key infrastructure.
public key
Data encrypted with a public key can only be decrypted using the associated private key. When a
private key is used to produce a digital signature, the receiver can use the public key of the sender to
verify that the message was signed by the sender. These characteristics of key pairs provide a scalable
and secure method of authentication over an insecure media, such as the Internet.
OL-12172-03
PPTP GRE tunnel, PNS, PPTP
PNS-PAC
PPP datagrams between the
is connection-oriented. The
TCP session over which
tunnel.
IPSec peers. This method is limited in scalability because the key must be configured
IPSec peers. When a new
IPSec peer with which it communicates. Using certificates and CAs provides
IKE authentication.
mode.
session, and PPTP TCP.
pair. The tunnel protocol is defined by a modified version of GRE.
PAC and the PNS. Many sessions are multiplexed on a
TCP controls the establishment, release, and
PNS and PAC maintain state for each user that is attached to a PAC.
PPP connection is attempted between a dial user and the PNS.
PPTP call control and management information is passed. The
IKE authentication that is suitable for networks with a limited,
IPSec peer is added to the network, the preshared key must
command-specific configuration
ARP request for IP addresses in the global pool. See also
Cisco Security Appliance Command Line Configuration Guide
Glossary
PAC and PNS.
mode, global configuration
PPTP
mode,
GL-15