Configuring PPTP Filtering on the PPTP Server

Enabling PPTP filtering provides a form of security for your private network by configuring an adapter on the computer to block all packets except PPTP packets. In a multi-homed computer, such as a PPTP server with one adapter connected to the enterprise network and another adapter connected to the Internet, PPTP filtering should be enabled on the adapter over which the PPTP connection is being made.

In other words, if remote or mobile users connect to the enterprise network by using the PPTP server and the Internet, PPTP filtering should be enabled on the server adapter that is connected to the Internet. PPTP filtering in this case is enabled by configuring TCP/IP settings for the adapter that is connected to the Internet.

Note When PPTP filtering is enabled, all other network packets are ignored. Thus, packets from TCP/IP utilities such as ping and tracert are not accepted by the adapter on which PPTP filtering is enabled. This provides security, but it also means it can be difficult to troubleshoot possible problems on the PPTP server by using the TCP/IP troubleshooting utilities.

To enable PPTP filtering on an adapter in the PPTP server

1. Click Start, point to Settings, and then click Control Panel.

2. Double-click Network in Control Panel.

3. Click the Protocols tab, select TCP/IP Protocol, and then click Properties.

4. Click the IP Address tab, and then click Advanced.

5. Click the Adapter drop-down arrow and select the adapter connected to the Internet. Click Enable PPTP Filtering, as shown in the following dialog box. Note that filtering is enabled only on network adapters. Filtering cannot be enabled on modems or ISDN devices.

Figure 6 - Enabling PPTP Filtering on the PPTP server

6. Click OK, click OK again, and then close Network.

7. Shut down and then restart the computer.