How to implement PEAP-MSCHAPv2 as authentication method for VPN connections in TMG 2010

As you may know, there is a known security vulnerability for the authentication method MS-CHAPv2. The following TechNet article provides some detailed information about it: Microsoft Security Advisory (2743314) Unencapsulated MS-CHAP v2 Authentication Could Allow Information Disclosure http://technet.microsoft.com/en-us/security/advisory/2743314 You may consider moving away from PPTP VPN connections which are configured to use this authentication method…


RRAS Service fails to start on ISA Server 2006 when enabling RADIUS Authentication for VPN Users

Introduction   Consider a scenario where the ISA Server administrator has dial-in VPN correctly configured and working through ISA Server 2006. Now he needs to use RADIUS as the credentials authority and he makes the appropriate changes to the RADIUS configuration on the VPN settings as shown in Figures 1, 2 and 3:    …


RRAS Ports are not created after enabling VPN on ISA Server 2006

1. Introduction This post is about an issue that was causing VPN Clients not being able to establish a VPN connection with ISA Server 2006. 2. Symptoms When testing the VPN Client access in this particular scenario we could see on ISA Server Logging that the system rule that allows VPN Client access was identified…