OctalDump wrote: » "PPP is used to dial DIRECTLY into to say..a company network, whereas PPTP is used to create a virtual private network over the internet" PPTP would usually run over TCP/IP, which might run on top of PPP for part of its journey. PPTP is largely deprecated due to numerous security issues, so IPSEC is normally used to encrypt. IPSec is part of TCP/IP and is a network layer 'extension' to regular IP. So you can think of it as running IP with security options. You can run both, since PPTP provides a layer 2 tunnel, which you can run TCP/IP in, and consequently IPSec. MSCHAP is an authentication protocol which is used, commonly, to establish the link (PPP or PPTP) in the first place. So you might end up with something like Ethernet Frame [PPP [TCP/IP [ PPTP [ TCP/IP.... Or Ethernet Frame [PPP [TCP/IP + IPSec [ L2TP [ TCP/IP... As you can see once you get to TCP/IP, you can encapsulate another protocol within that. You might have this "double VPN" of IPSec within PPTP (or vice versa) if you had two routers doing a site to site VPN, and then someone used that link to connect using a host to host VPN. For the part of the journey over the site to site VPN, you might have: PPP [TCP/IP [PPTP [ TCP/IP + IPSec [ L2TP [ TCP/IP... The layered OSI model is pretty important to getting your head around this. Once you get that, and that you 'tunnel' lower layers within higher layers, then the rest is very straight forward.
