Most people don’t know that Windows has included its own VPN software for years. And Windows 8, like its predecessors, includes a utility that allows users to establish PPTP VPN connections.
Some people may want to use a Windows PPTP VPN, but I would recommend that they only use a PPTP connection if it is their last resort and only option.
Before we look at the steps necessary to easily configure a VPN in Windows 8, let’s take a look at PPTP and Microsoft’s history to understand the rampant security concerns.
Security Concerns Using PPTP
Believe it or not, Microsoft actually led the team that originally created the PPTP security protocol. Many people believe that is was a mistake for Microsoft not to patent their protocol, instead choosing to make it an open standard.
The vendor consortium organized by Microsoft published PPTP back in 1999 (RFC 2637), making it nearly 17 years old – showing us just how outdated this security protocol is.
Interestingly enough, it is still such a ubiquitous and popular protocol that many leading VPN service providers still offer it as a connection option, and it’s not without its benefits.
PPTP is a much more lightweight protocol than other alternatives, ensuring that less overhead and latency is added to a user’s Internet connection. In addition, it is frequently used by novices because it is so darn easy to configure.
But it suffers from some major security problems these days, making it a less attractive alternative than OpenVPN or other protocols.
Not only can the federal United States government crack the encryption used in PPTP, but more and more common hackers are able to do it now. One tool, CloudCracker, promises to crack PPTP in as little as one day.
All a user needs in order to break PPTP is $200.00 for a piece of software and one day, which begs the question: why would anyone want to use PPTP in the first place?
Well, there are a variety of scenarios that could make PPTP and attractive option. The truth is that it still does offer some security, albeit only a little. Still, weak security is better than no security.
Perhaps a user only has access to a server that hosts PPTP connection (highly unlikely, but plausible). Perhaps there are bugs in their VPN software client or operating system specific issues that prevent a user from using a better protocol.
The software is fallible, and sometimes a user may find that their only means of encrypting data is by using PPTP.
With that understanding, I would highly caution security purists to stay away from PPTP unless it is their only option. So, let’s take a closer look at how to setup a VPN using PPTP in Windows 8.
The first thing a user needs to do to configure a PPTP VPN is to open the Control Panel. You can either browse through the GUI or use the hotkey (Windows Key + x).
Click on the “View Network Status and Tasks” option
Now find the “Set up a new connection or network” option in the Network and Sharing Center.
Click on “Connect to a workplace,” and then click on the “Next” button.
Select “Use my Internet connection (VPN).”
Now simply enter the domain name or Internet address that was provided by your VPN provider. You can also connect to your home network if you have set up a private home VPN server.
If you want to save your credentials, check the “Remember my credentials” box, and then click the “Create” button.
Now your VPN connection is set up. To connect and disconnect, either click on the Network Icon in the taskbar or press the hotkey (Windows key + i) to pull up the settings menu.
Click on your new VPN connection, and then click the “Connect” button.
Enter your username and password, and your VPN connection should come up.
Preferable Alternatives and L2TP/IPsec
Though PPTP is incredibly easy to setup, the more preferred option is to use a stronger security protocol like L2TP/IPsec. This type of connection simply doesn’t suffer from the security flaws as PPTP, making it a much more attractive and enticing alternative.
In addition, we’ll look at how to setup an OpenVPN connection next. To set up an L2TP/IPsec tunnel, simply repeat the first seven steps from the PPTP guide.
Perform steps 1-7 in the PPTP guide.
Find the new VPN connection that you should have now created, and then right click on it and select “View connection properties.”
Locate the Security tab, and choose the option “Layer 2 Tunneling Protocol with IPsec (L2TP/IPsec)” by finding the “Type of VPN” menu’s dropdown box. Next, click on the Advanced Settings tab.
Find the radio button labeled “Use preshared key for authentication.” Enter the PSK that was supplied by your VPN service. Click the OK button.
Browse to the Security tab and make sure that all of the fields and settings match those that were provided by your VPN service. Some providers only have specific instructions and settings for Windows 7.
In most cases, these settings remain the same, so you can reasonably assume these settings will work with Windows 8.
Find the Networking tab and disable all of the options. Two exceptions that are up to your discretion are IPv6 and File and Printer Sharing. Unless your VPN provider explicitly states to leave these settings on, you can safely disable them.
Browse to the Networks section, click on the new VPN connection, and click Connect. Now simply enter your username and password.
OpenVPN Connection Setup
OpenVPN is a little different than the preceding two types of VPN tunnels since it requires the download and installation of non-native third party software.
The very first thing you’ll want to do is download a copy of OpenVPN for Windows 8. After you have installed the software, use the following steps to connect to your VPN server.
Right click on OpenVPN and select the “Open file location” from the right-click menu. Find the GUI icon and right click on it to find the Properties menu.
Click on the Compatibility tab and make sure that you have checked the box labeled “Run this program as an administrator.”
Find the configuration files from your provider. Most VPN services have OpenVPN configuration files that are hosted on their website for members to download.
Make sure that you unzip them within the “config” folder in the OpenVPN folder (most often under the path C:\Program Files\OpenVPN\config).
After the files have been unzipped, double-click the OpenVPN icon to launch the program. You should see a red icon show up on the taskbar.
Right click on the red icon and choose “connect.” Once the light has turned green, your OpenVPN connection is up and running.
So at the end of it all, why on Earth would anyone want to resort to using a PPTP connection? Despite the fact that it only offers weak security, it does still provide some security, which is better than no security.
Nevertheless, I can’t stress this enough: don’t use PPTP if you have other options at your disposal such as OpenVPN or L2TP/IPsec! These two security algorithms are much stronger than PPTP and they can’t be cracked, either.
Lastly, I would caution you to always use a VPN tunnel when connecting to the Internet.
The only exceptions might be trivial and inconsequential traffic such as a movie or streaming music, but even then, I prefer it if others can’t see what I’m doing. After all, we do have a right to privacy.