The following is my response to the post as above from Luke’s CISSP group:
- A session is an interaction between two parties using a communication channel that can be set up and torn down by either party during a period of time.
- A data link is a logical connection between two adjacent nodes for data transmission.
- PPTP is a protocol that sets up a VPN tunnel as a logical connection between the VPN client and the VPN server. PPTP works at the data link layer, or logical link control (LLC) layer specifically, in terms of its result, the tunnel.
- The VPN client authenticates to the VPN server to set up the VPN tunnel as the communication channel that can be set up and torn down by either party during a period of time. From the perspective of the tunnel building process, it’s reasonable to argue that PPTP works at the session layer.
Personally, I consider PPTP a layer 2 (data link layer) protocol.