Category: Networking and Security

2009-05-18 13:52:25

 
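PPTP: Does not itself provide confidentiality/encryption. It relies on the protocol carried inside the tunnel for security/encryption. It has been superseded by L2TP/IPSec.
     It is an extended GRE protocol that uses two sessions. A regular PPP session is established over GRE (IP protocol 47), and a second session is established over TCP port 1723 to manage the first one.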
 
PPTP: Authenticated with MSCHAP or EAP-TLS, encrypted with MPPE.
 
 
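L2TP: Like PPTP, the protocol itself provides no encryption. It relies on the protocol inside the tunnel for encryption (combined with IPSec).
       Session-layer protocol. UDP 1701.
       Developed from both PPTP and L2F.
       Made up of a LAC and an LNS. The LAC first initiates a tunnel. A higher-level protocol such as PPP then creates a session inside this tunnel (initiated by either the LAC or the LNS). Sessions are isolated from one another by L2TP.
       By default, control messages inside the tunnel are reliable and data messages are unreliable.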
 
 
MPPE: Uses RC4 for encryption (it does not compress by itself; MPPC is needed for compression).
MPPC: Microsoft Point-to-Point Compression: uses LZ for compression.
 
 
 
Layer 2 Tunneling Protocol (L2TP) is a tunneling protocol used to support virtual private networks (VPNs). It does not provide any encryption or confidentiality by itself; it relies on an encryption protocol that it passes within the tunnel to provide privacy.
 
Although L2TP acts like a data link layer protocol in the OSI model, L2TP is in fact a session layer protocol, and uses the registered UDP port 1701.
 
L2TP does not provide confidentiality or strong authentication by itself. IPsec is often used to secure L2TP packets by providing confidentiality, authentication and integrity. The combination of these two protocols is generally known as L2TP/IPsec.
 
The two endpoints of an L2TP tunnel are called the LAC (L2TP Access Concentrator) and the LNS (L2TP Network Server). The LAC is the initiator of the tunnel while the LNS is the server, which waits for new tunnels. Once a tunnel is established, the network traffic between the peers is bidirectional. To be useful for networking, higher-level protocols are then run through the L2TP tunnel. To facilitate this, an L2TP session (or call) is established within the tunnel for each higher-level protocol such as PPP. Either the LAC or LNS may initiate sessions. The traffic for each session is isolated by L2TP, so it is possible to set up multiple virtual networks across a single tunnel. should be considered when implementing L2TP.
 
The packets exchanged within an L2TP tunnel are categorised as either control packets or data packets. L2TP provides reliability features for the control packets, but no reliability for data packets. Reliability, if desired, must be provided by the nested protocols running within each session of the L2TP tunnel.
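
The control/data split and the tunnel and session identifiers described above are visible in the L2TP header itself. The following Python parser is an added example, not part of the original post; it assumes the L2TPv2 header layout from RFC 2661, and the two sample datagrams are constructed, not captured traffic.

```python
import struct

# L2TPv2 header flag bits (RFC 2661, section 3.1)
T_BIT, L_BIT, S_BIT, O_BIT, VER_MASK = 0x8000, 0x4000, 0x0800, 0x0200, 0x000F

def parse_l2tp_header(payload: bytes) -> dict:
    """Parse the L2TPv2 header at the start of a UDP port 1701 payload."""
    off = 0

    def take(fmt):
        nonlocal off
        size = struct.calcsize(fmt)
        if off + size > len(payload):
            raise ValueError("truncated L2TP header")
        values = struct.unpack_from(fmt, payload, off)
        off += size
        return values

    (flags,) = take("!H")
    if (flags & VER_MASK) != 2:
        raise ValueError("not an L2TPv2 header")
    is_control = bool(flags & T_BIT)
    # Control messages must carry Length and Ns/Nr and no offset field;
    # the sequence numbers are what make the control channel reliable.
    if is_control and (flags & (L_BIT | S_BIT | O_BIT)) != (L_BIT | S_BIT):
        raise ValueError("malformed control message flags")
    length = take("!H")[0] if flags & L_BIT else None
    if length is not None and length > len(payload):
        raise ValueError("length field exceeds datagram size")
    # Tunnel ID selects the LAC/LNS tunnel, Session ID the session inside it.
    tunnel_id, session_id = take("!HH")
    ns, nr = take("!HH") if flags & S_BIT else (None, None)
    if flags & O_BIT:
        (pad,) = take("!H")
        off += pad  # skip offset padding before the tunneled payload
    return {"type": "control" if is_control else "data",
            "tunnel_id": tunnel_id, "session_id": session_id,
            "ns": ns, "nr": nr, "payload_offset": off}

# Constructed sample datagrams (not captured traffic)
CONTROL_ZLB = bytes.fromhex("c802000c0007000000030002")  # empty control ack
DATA_PPP = bytes.fromhex("000200070015" "ff03c021")      # data + PPP bytes

if __name__ == "__main__":
    for name, pkt in (("control", CONTROL_ZLB), ("data", DATA_PPP)):
        print(name, parse_l2tp_header(pkt))
```

The data packet parses with `ns` and `nr` set to `None`: nothing in its header lets the receiver detect loss or reordering, which is why reliability is left to the protocol inside the session.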
 
 
 
 
 
 
en.wikipedia.org/wiki/PPTP:
 
The Point-to-Point Tunneling Protocol (PPTP) is a method for implementing virtual private networks. PPTP does not provide confidentiality or encryption; it relies on the protocol being tunneled to provide security. PPTP has been made obsolete by Layer 2 Tunneling Protocol (L2TP) and IPsec.
 
 
PPTP works by sending a regular PPP session to the peer with the Generic Routing Encapsulation (GRE) protocol. A second session on TCP port 1723 is used to initiate and manage the GRE session. PPTP is difficult to forward past a network firewall because it requires two network sessions. As such, some firewalls are unable to pass this traffic correctly, resulting in an inability to connect. This rarely happens in Windows or Mac OS, though.
 
PPTP connections are authenticated with MS-CHAP or EAP-TLS. VPN traffic is optionally protected by Microsoft Point-to-Point Encryption (MPPE), which is described by .