Quick search, see this post for reference.
viewtopic.php?t=149256#p734754
Add the IP port being used for PPTP (TCP/1723 ?).
Successful logins might also appear on that level 1 list but as long as they are successful, they should never hit level 2.
Otherwise play with the timeouts etc.
Be sure to test properly and make SURE you have a local escape path using another port so you do not lock yourself out when setting this up.
But I agree with jotne not to use PPTP anymore...
We're not using clay tablets anymore either, do we ?
Look at it from another angle... why do you think you're getting bruteforced using that port ? Because PPTP is "relatively" easy to crack, that's why they try. Sooner or later someone will hit the magic section and then you're so out of luck ...
No need to change all at once. You can also do it gradually.
But sooner or later you will have to. Better now. Inconvenience is rarely a good reason to postpone.
My view.