The PPP Authentication Process

The Point-to-Point Protocol (PPP) uses four phases of negotiation to establish a connection. The four phases of negotiation are:

1. PPP Link Establishment

2. User Authentication

3. PPP Callback Control

4. Invocation of Network Layer Protocol

During phase one, authentication protocols are negotiated. The agreement between the client and server to use compression and encryption also occurs during phase one. Phase one does not involve the implementation of the authentication protocols that are selected, nor does it involve the selection of compression or encryption algorithms. The decision to use authentication and the type of authentication to use is negotiated, and the agreement to use compression and/or encryption completes the steps processed in phase one.

Phase two of the PPP negotiations involves authentication protocol implementation. The sole focus of phase two is the implementation of the authentication protocol selected in phase one. Windows Server 2003 Routing and Remote Access supports five different protocols for PPP authentication. We will discuss each of these protocols in more detail in the next section. Phase two of PPP negotiations involves collection of authentication data and comparison, either locally or remotely, of the data against stored authentication information.

Phase three handles PPP Callback Control. When used, this phase provides additional security by requiring the remote access server to call the client back at a specific number. This is a dial-up feature that is not used in VPN connections.

Phase four invokes the upper layer network control protocols. Typically, TCP/IP upper layer connectivity is provided through the Internet Protocol Control Protocol (IPCP). Also, Microsoft compression and encryption features are implemented during phase four of the PPP negotiations.
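To see what the phase one agreement looks like on the wire, the following added example (not code from the original text) parses a Link Control Protocol (LCP) Configure-Request and reports which authentication protocol the sender is asking for, so a captured negotiation can be checked for a cleartext method before phase two begins. The option and protocol numbers are taken from the PPP RFCs rather than from this page, and the sample packets and function names are constructed for illustration.

```python
import struct

# Authentication-Protocol values carried in LCP option 3 (from the PPP RFCs).
AUTH_PROTOCOLS = {0xC023: "PAP", 0xC223: "CHAP", 0xC227: "EAP"}
CHAP_ALGORITHMS = {0x05: "MD5-CHAP", 0x80: "MS-CHAP", 0x81: "MS-CHAP v2"}
LCP_CONFIGURE_REQUEST = 1
OPT_AUTH_PROTOCOL = 3


def requested_auth(lcp_packet: bytes):
    """Return the authentication method named in an LCP Configure-Request,
    or None if the packet requests no authentication."""
    if len(lcp_packet) < 4:
        raise ValueError("truncated LCP header")
    code, _ident, length = struct.unpack("!BBH", lcp_packet[:4])
    if code != LCP_CONFIGURE_REQUEST:
        raise ValueError("not a Configure-Request")
    if length < 4 or length > len(lcp_packet):
        raise ValueError("bad LCP length field")
    options = lcp_packet[4:length]
    pos = 0
    while pos < len(options):
        if pos + 2 > len(options):
            raise ValueError("truncated option header")
        opt_type, opt_len = options[pos], options[pos + 1]
        # The option length counts its own type and length bytes.
        if opt_len < 2 or pos + opt_len > len(options):
            raise ValueError("bad option length")
        data = options[pos + 2 : pos + opt_len]
        if opt_type == OPT_AUTH_PROTOCOL:
            if len(data) < 2:
                raise ValueError("short Authentication-Protocol option")
            proto = struct.unpack("!H", data[:2])[0]
            name = AUTH_PROTOCOLS.get(proto, f"unknown(0x{proto:04x})")
            if proto == 0xC223 and len(data) >= 3:  # CHAP carries an algorithm byte
                name = CHAP_ALGORITHMS.get(data[2], f"CHAP alg 0x{data[2]:02x}")
            return name
        pos += opt_len
    return None


def is_cleartext(method):
    """PAP sends the password unencrypted during phase two."""
    return method == "PAP"


# Constructed sample packets: LCP header, MRU 1500, then the auth option (if any).
SAMPLE_MSCHAPV2 = bytes.fromhex("0101000d" "010405dc" "0305c22381")
SAMPLE_PAP = bytes.fromhex("0102000c" "010405dc" "0304c023")
SAMPLE_NO_AUTH = bytes.fromhex("01030008" "010405dc")
```

Only the protocol choice appears in this packet; the credentials themselves are exchanged in phase two.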

