Add PPTP Filters

  • Article

Updated: April 30, 2010

Applies To: Windows Server 2008, Windows Server 2008 R2

Add PPTP Filters

Membership in the local Administrators group, or equivalent, is the minimum required to complete this procedure.

To select the PPTP interface

  1. Open the Routing and Remote Access MMC snap-in.

  2. In the console tree, expand the server name, expand IPv4, and then click General.

  3. In the details pane, select the interface on which you want to enable PPTP inbound and outbound filtering.

  4. Scroll to the IP Address column, and then write down the IP address assigned to the interface.

  5. Right-click the interface, and then click Properties.

Note

  • All six filters — three inbound and three outbound — work together to complete PPTP packet filtering. The PPTP filtering is not secure unless all six filters are configured correctly.

  • If the six filters are the only filters configured, then the only traffic that is allowed in and out of the interface is PPTP traffic to and from the PPTP server and PPTP client.

    • To set PPTP inbound filters

    To set PPTP inbound filters, you must configure up to three inbound filters and set the appropriate action for each filter.

    1. Click Inbound Filters.

    2. In the Inbound Filters dialog box, click New, and then configure one of the three inbound filters as indicated in the section Packet filters for Point-to-Point Tunneling Protocol (PPTP) in Appendix B: VPN Servers and Firewall Configuration in the RRAS Design Guide.

    3. Click OK.

    4. To set the action for the filter, in the Inbound Filters dialog box, select the filter, and then select Drop all packets except those that meet the criteria below.

    5. Repeat steps 2 through 4 for each of the remaining filters.

    6. Click OK when you have configured all three inbound filters.

    To set PPTP outbound filters

    To set PPTP outbound filters, you must configure up to three outbound filters and set the appropriate action for each filter.

    1. Click Outbound Filters.

    2. In the Outbound Filters dialog box, click New, and then configure one of the three outbound filters as indicated in the section Packet filters for Point-to-Point Tunneling Protocol (PPTP) in Appendix B: VPN Servers and Firewall Configuration in the RRAS Design Guide.

    3. Click OK.

    4. To set the action for the filter, in the Outbound Filters dialog box, select the filter, and then select Drop all packets except those that meet the criteria below.

    5. Repeat steps 2 through 4 for each of the remaining filters.

    6. Click OK when you have configured all three outbound filters.