Sure there is a risk with PPTP if there indeed is somewhere where someone has physical access
If you believe that, and that you have adequate physical access protection, then why not do without encryption?
The fact is, not all of the MITM methods listed in the article I posted above require physical access, and for those that do, it may not be as difficult as you hope.
The rogue access point only has to be close enough to be in radio range. I'm posting this on a forum of a company that has products rated in kilometers. Chain one of these long-distance relays to a regular access point placed nearby (e.g. evil janitor attack) and your actual attacker may be on an upper floor of the apartment building overlooking the office.
If the attacker can get close enough to plug that rogue access point into a LAN port instead, it opens you to ARP and mDNS spoofing. The methods to prevent this (MAC address filtering, dot1x) aren't impenetrable.
And then there's the big daddy on that list: DNS spoofing, which allows a successful attacker to be halfway around the world.
That high-level survey article isn't a complete toolkit. Couple its options with a Trojan horse attack, where a legitimate LAN station is taken over, and now you can do all of this without even suborning a janitor.
Disregard MITM attacks at your peril.
The payload is encrypted in SSH
Why do you need PPTP, then? You ask for a point-to-point encrypted tunnel; that's SSH!
Yes, I know it's not a fully-general VPN, but it does let you tunnel other traffic over it (OpenSSH's -L and -R options) and it offers SOCKS proxying (-D) for more general use cases. Port-forward SSH through to an internal server on the remote side, and your tunnel becomes as strong as your key. Disable password authentication or set it to a long random password, put the port on a high random value, and implement fail2ban to frustrate script kiddies, and it'll be quite durable.
Cladding SSH in PPTP is like painting a main battle tank with the very best in appliance-grade enamel. Yes, it'll give a measurable improvement, but it's rather missing the point.
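As an added example (not from the original posts), here is a small POSIX shell script that audits an sshd_config against the two settings the reply above relies on (password authentication off, listener moved off a well-known port), checks whether a fail2ban sshd jail is actually running, and prints the three OpenSSH forwarding forms (-L, -R, -D) it mentions. Host names, ports and file paths are placeholders; the sample configs in the test are constructed.

```shell
#!/bin/sh
# Added example, not from the original post: audit an sshd_config against the
# hardening the post lists (no password auth, non-default port) and print the
# OpenSSH tunnel forms it mentions. Host names and paths are placeholders.

# Effective value of an sshd_config keyword. sshd uses the first occurrence,
# keywords are case-insensitive, and comment lines are ignored. Match blocks
# are not evaluated (assumption: the keywords of interest are global).
sshd_opt() {
    awk -v key="$2" '$1 !~ /^#/ && tolower($1) == tolower(key) { print $2; exit }' "$1"
}

# Audit one config file: one line per finding on stdout, exit 0 only if clean.
audit_sshd() {
    cfg=$1
    rc=0
    pw=$(sshd_opt "$cfg" PasswordAuthentication)
    if [ "$pw" != "no" ]; then
        echo "FAIL: PasswordAuthentication is '${pw:-unset (default yes)}'; set it to 'no' (keys only)"
        rc=1
    fi
    port=$(sshd_opt "$cfg" Port)
    [ -n "$port" ] || port=22   # sshd default when Port is absent
    if [ "$port" -lt 1024 ]; then
        echo "FAIL: Port $port is a well-known port; move the listener to a high random port"
        rc=1
    fi
    if [ "$rc" -eq 0 ]; then
        echo "OK: $cfg"
    fi
    return "$rc"
}

# fail2ban is not something sshd_config can show; ask the daemon whether the
# sshd jail exists. Environment-dependent, so kept out of the audit's status.
fail2ban_sshd_active() {
    command -v fail2ban-client >/dev/null 2>&1 && fail2ban-client status sshd >/dev/null 2>&1
}

# The three OpenSSH forwarding modes the post refers to (placeholder hosts).
tunnel_examples() {
    cat <<'EOF'
# -L: local port 8443 reaches intranet:443 on the remote side, via the SSH host
ssh -N -L 8443:intranet.example.internal:443 admin@ssh.example.com
# -R: expose local port 22 as port 2222 on the remote host (reverse tunnel)
ssh -N -R 2222:localhost:22 admin@ssh.example.com
# -D: local SOCKS5 proxy on 1080; proxied traffic exits on the remote side
ssh -N -D 1080 admin@ssh.example.com
EOF
}

# Usage: sh sshd-audit.sh /etc/ssh/sshd_config
if [ "$#" -gt 0 ]; then
    audit_sshd "$1"
    if fail2ban_sshd_active; then echo "OK: fail2ban sshd jail active"; else echo "WARN: no active fail2ban sshd jail"; fi
    tunnel_examples
fi
```

Run it against the server's own sshd_config; a clean result plus an active fail2ban jail is the state the reply describes as "quite durable". The port check only flags ports below 1024, so a non-default but still low port passes; tighten it if your policy wants a truly high port.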
We don't have ROS7 in many places, but maybe Wireguard could be the solution?
WireGuard does make a fine S2S tunnel.
You don't have to have ROS 7 on the border. If you're willing to tolerate double-NAT, simply adding a small WG terminating gateway inside the target LAN with a port-forward to allow outside access may suffice. You could write a script to preconfigure a hEX for each site, storing the keys securely. Mail the box to the site, have the local admin plug it in somewhere sensible, and punch the port-forward through the firewall for its WG listening port. Now you have a WG tunnel to that site.
WG is like SSH with keys: a large random key pair secures access to the connection.
The last command in my configuration article shows the key concept in action.
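As an added example (not from the original posts, MikroTik's documentation, or the configuration article mentioned), here is a shell script that does the per-site preconfiguration the reply above sketches: it generates a WireGuard key pair with wireguard-tools, renders the RouterOS 7 commands for a small WG gateway (a hEX, say) sitting inside the site LAN behind a border port-forward, and renders the matching peer entry for the hub. It also validates key format before anything is written, so a truncated or mangled key never ships in a config. Assumptions: the hub is also RouterOS 7 with a WireGuard interface named wg-hub, UDP 13231 is the forwarded listening port on every site, tunnel addresses come from 10.255.0.0/24, and all names and addresses are placeholders. The keys used in the test are constructed, not real.

```shell
#!/bin/sh
# Added example, not from the original post or MikroTik: render the RouterOS 7
# commands for a WG gateway dropped inside a site LAN, plus the hub-side peer
# entry. Assumptions: hub is RouterOS 7 with interface wg-hub; the site border
# forwards UDP 13231 to the site box; 10.255.0.0/24 is the tunnel network;
# all host names, addresses and file names are placeholders.

WG_PORT=13231
HUB_TUN_IP=10.255.0.1
HUB_LAN=192.168.0.0/24

# A WireGuard key is exactly 32 bytes in base64: 44 characters, one '=' and a
# 43rd character whose two padding bits are zero. Rejects truncated/mangled keys.
valid_wg_key() {
    printf '%s' "$1" | grep -Eq '^[A-Za-z0-9+/]{42}[AEIMQUYcgkosw048]=$'
}

# Site-side script. Args: site site_privkey hub_pubkey site_tun_ip site_lan hub_public_host
# The site listens (border port-forward) and also dials the hub with keepalive,
# so the tunnel comes up from either side. Uplink/firewall defaults of the box
# are left alone here.
render_site_rsc() {
    site=$1 priv=$2 hubpub=$3 tun=$4 lan=$5 hubhost=$6
    valid_wg_key "$priv" && valid_wg_key "$hubpub" || return 1
    cat <<EOF
# WireGuard site gateway for $site; border forwards UDP $WG_PORT to this box
/interface/wireguard add name=wg-hub listen-port=$WG_PORT private-key="$priv" comment="$site"
/interface/wireguard/peers add interface=wg-hub public-key="$hubpub" endpoint-address=$hubhost endpoint-port=$WG_PORT allowed-address=$HUB_TUN_IP/32,$HUB_LAN persistent-keepalive=25s comment="hub"
/ip/address add address=$tun/24 interface=wg-hub
/ip/route add dst-address=$HUB_LAN gateway=wg-hub
EOF
}

# Hub-side peer entry. Args: site site_pubkey site_public_host site_tun_ip site_lan
render_hub_peer() {
    valid_wg_key "$2" || return 1
    cat <<EOF
/interface/wireguard/peers add interface=wg-hub public-key="$2" endpoint-address=$3 endpoint-port=$WG_PORT allowed-address=$4/32,$5 persistent-keepalive=25s comment="$1"
/ip/route add dst-address=$5 gateway=wg-hub comment="$1"
EOF
}

# Generate keys with wireguard-tools and write both files. The private key only
# ever lands in the site's .rsc, created mode 0600; keep that file in your vault.
# Args: site site_tun_ip site_lan site_public_host hub_pubkey
preconfigure_site() {
    command -v wg >/dev/null 2>&1 || { echo "wireguard-tools (wg) required" >&2; return 1; }
    priv=$(wg genkey)
    pub=$(printf '%s' "$priv" | wg pubkey)
    (
        umask 077
        mkdir -p sites
        render_site_rsc "$1" "$priv" "$5" "$2" "$3" "$4" > "sites/$1.rsc"
        render_hub_peer "$1" "$pub" "$4" "$2" "$3" > "sites/$1-hub.rsc"
    )
    echo "wrote sites/$1.rsc (import on the site box) and sites/$1-hub.rsc (import on the hub)"
}

# Usage: sh wg-site.sh branch1 10.255.0.2 192.168.1.0/24 branch1.example.com "<hub public key>"
if [ "$#" -eq 5 ]; then
    preconfigure_site "$@"
fi
```

The hub's public key comes from `/interface/wireguard print` on the hub. Import the site file on the box before mailing it, import the hub file on the hub, and once the site admin has plugged the box in and the border forwards the port, both peers can reach each other; the allowed-address lists are what actually bound which LAN each side may talk to, so keep them as tight as the site needs.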