D-Link DFL-1600 User Manual page 249

Network security firewall

22.2. PPTP/L2TP
PPTP authentication
Authentication in PPTP is optional and is derived directly from PPP. The available schemes include:
Password Authentication Protocol (PAP)
Challenge Handshake Authentication Protocol (CHAP)
Microsoft CHAP version 1 and version 2
PAP is a plaintext authentication scheme: the user name and password are
requested and sent in plaintext. It is therefore not resistant to
man-in-the-middle and dictionary attacks, as the remote access client's
password can be easily intercepted and determined. Moreover, PAP offers NO
protection against replay attacks and spoofing.
CHAP uses the MD5 algorithm to hash a challenge and protects against replay
attacks by using an arbitrary challenge string per authentication attempt.
This is better than PAP since the password is never sent over the link.
Instead, the password is used to create the one-way MD5 hash. Because the
server must compute the same hash to verify the response, CHAP requires
passwords to be stored in a reversibly encrypted form.
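The CHAP exchange described above, as an added example that is not taken from the D-Link manual or firmware: the response is MD5 over the identifier, the shared secret and the challenge (the RFC 1994 construction), and a response recorded from one attempt fails against the next challenge. The class name, user name and secret are constructed for illustration.

```python
import hashlib
import hmac
import os

def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """RFC 1994 response value: MD5(Identifier || secret || Challenge)."""
    return hashlib.md5(bytes([identifier & 0xFF]) + secret + challenge).digest()

# Hypothetical server-side class, written for this example.
class ChapAuthenticator:
    def __init__(self, secrets: dict):
        # Secrets must be recoverable: the server feeds the same bytes into
        # MD5 as the client does, so a one-way password hash cannot be used.
        self.secrets = secrets
        self.pending = {}  # user -> (identifier, challenge) not yet answered
        self.next_id = 0

    def issue_challenge(self, user: str):
        identifier, self.next_id = self.next_id, (self.next_id + 1) % 256
        challenge = os.urandom(16)  # fresh and unpredictable per attempt
        self.pending[user] = (identifier, challenge)
        return identifier, challenge

    def verify(self, user: str, identifier: int, response: bytes) -> bool:
        outstanding = self.pending.pop(user, None)  # a challenge is single use
        secret = self.secrets.get(user)
        if outstanding is None or secret is None or outstanding[0] != identifier:
            return False
        expected = chap_response(identifier, secret, outstanding[1])
        return hmac.compare_digest(expected, response)

def demo():
    secret = b"constructed-sample-secret"  # constructed value
    server = ChapAuthenticator({"alice": secret})
    ident, challenge = server.issue_challenge("alice")
    captured = chap_response(ident, secret, challenge)  # what crosses the link
    genuine = server.verify("alice", ident, captured)
    # A later attempt gets a new challenge, so the recorded response is stale.
    ident2, _ = server.issue_challenge("alice")
    replayed = server.verify("alice", ident2, captured)
    ident3, challenge3 = server.issue_challenge("alice")
    wrong = server.verify("alice", ident3, chap_response(ident3, b"guess", challenge3))
    return genuine, replayed, wrong

if __name__ == "__main__":
    print(demo())
```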
MS-CHAP v1 is similar to CHAP. The main difference is that with
MS-CHAP v1 the password only needs to be stored as an MD4 hash instead
of in a reversibly encrypted form.
MS-CHAP v2 is similar to MS-CHAP v1, with the difference that the server
also authenticates itself to the client.
PPTP encryption
Initially, a PPP connection does not use encryption. To provide
confidentiality for the tunnel, Microsoft Point-to-Point Encryption
(MPPE) may be used with PPTP to support an encrypted data tunnel.
MPPE uses the RSA RC4 algorithm for encryption and supports 40-bit,
56-bit and 128-bit session keys, which are changed frequently to ensure
security. However, the initial encryption key is derived from the user's
password, and hence it may be vulnerable to attacks.
Since PPTP security is password-based, the choice of a good password is an
important security consideration. Regardless of the key length chosen (40,
56 or 128-bit), the true strength of the key is governed by the randomness
of the password.
D-Link Firewalls User's Guide