PPTP Access Concentrator(PAC)

A node that acts as one side of a PPTP tunnel endpoint and is a peer to the PPTP Network Server (PNS). PAC refers to the server that terminates the PPTP tunnel and provides VPN connectivity to a remote client.

PAC is physical level repeater, which receives PPP connection of some type and forwards it to PNS using PPTP protocol.

PPTP Network Server(PNS)

A node that acts as one side of a PPTP tunnel endpoint and is a peer to the PPTP Access Concentrator (PAC). PNS refers to the remote client that requests to establish a VPN connectivity using PPTP tunnel.

PNS is a PPP endpoint, which receives PPP frames via PPTP tunnel and processes them.


Complete PPTP network topology looks like:
client <- some link type -> PAC <- PPTP tunnel -> PNS

In simple case, when physical conversion is not required, topology can be simplified to:
client (PAC emulator) <- PPTP tunnel -> PNS

LCP Link Control Protocol 链路控制协议,用于 PPP 链路的建立、维护和拆除。LCP 数据包是在 PPP 数据包的信息域发送的。LCP 数据帧分为如下三个部分:

  • 连接配置包:用于建立和配置一个 PPP 链路连接
  • 连接终止包:用于终止链路连接。
  • 连接维持包:用于管理和测试链路连接。

NCP network control protocol 网络控制协议 ,它是PPP协议的一个子协议,是用来建立和配置不同的网络层协议的。其数据帧叫PPP网络控制NCP帧.其格式为:

标志字段 地址字段 控制字段 协议字段 网络控制数据 帧校验字段 标志字段
( 7E) (FF) (03) (8021) (FCS) (7E)


TCP连接由PPTP客户机上的一个动态分配的TCP端口到PPTP服务器上的TCP 1723端口建立。

Tunnel Maintenance with the PPTP Control Connection

PPTP Control Connection Packet包括一个IP报头,一个TCP报头和PPTP控制信息,数据包格式如下。所示的PPTP控制连接数据包还包括数据链路层报头和报尾。

PPTP Message Type ― 可能值有:1、控制信息;2、管理信息。

PPTP Data Tunneling

PPTP data tunneling is performed through multiple levels of encapsulation。the resulting structure of PPTP tunneled data: