security PPTP VPN Security

[Husky]

Hello everyone,

 

I have a couple of DrayTek Vigor 3900 VPN Concentrator Firewall Gateway Routers (a mouthful, I know) and I have a question about the security of PPTP VPN.

 

I know that PPTP is incredibly insecure and just overall bad, but it might be the only choice for me for a VPN protocol for my use with Windows machines. I already have IKEv2 and Cisco IPsec VPNs set up that work great with my Linux, macOS, Android and iOS devices - they are also secure protocols. But for Windows, my only choice might be PPTP. I sometimes need to get to my systems from my school and it is very complicated but at the end of the day only PPTP VPNs work on their Windows 10 machines there for some reason.

 

My question, finally, is: is PPTP insecure when not in use? Is it easy for an attacker to hack and connect to the PPTP VPN server on my router? I don't care about the security of the data passing through the tunnel when I am connected, but I do care if it is easy for attackers to brute force the password to connect to my PPTP VPN on my router when I am not connected to it. Basically, is having the PPTP VPN server enabled on my router putting me at risk when I am not connected to it? Can people brute force or crack the Username and Password for the VPN to connect to it easily?

 

Any help is appreciated!

[Oshino Shinobu]

Have you looked into L2TP with IPSec? I have that setup on my own network and Windows, iOS and android devices can all connect fine.

[Acedia]

Last I checked WIndows, by default, supports PPTP, L2TP/IPSec, SSTP and IKEv2....

 

Anywho PPTP sucks because during the first negociation it sends your credentials in clear text, allowing any device in the middle to read it.