Much discussion is occurring about the security of the tunnel established between the client and the server. Bruce Schneier, president of the cryptographic consulting firm Counterpane Systems and author of Applied Cryptography (John Wiley & Sons), has raised serious concerns about the security of Microsoft's implementation of the Point-to-Point Tunneling Protocol (PPTP). You can find information about Counterpane Systems' cracking of PPTP at You can find Microsoft's response to Counterpane Systems' concerns at basics/securevpn/default.asp.