Advantages of SSTP based VPN tunnel

In last week blog, I wrote about SSTP – the new VPN tunnel which goes over HTTPS – hence increasing the coverage area of VPN connection to “everywhere”. Today I am going to talk about advantages of SSTP compared to “network extension or full tunnel” solution delivered by other SSL products. Note: I am not comparing web based access (i.e….


Changes to CMAK in Longhorn Server

This is to give an idea of what new features, changes has made to CMAK till now for Longhorn Server. This list is not final and subject to change.   –          In order to ease the profile authoring, separate wizard pages has been included for Vista profiles and Down-level profiles [WS03, XP, W2k]. –          CMAK…

VPN tunnel across web proxy, NAT and firewall – no kidding !!

I am sure at times you might have faced this problem where PPTP or L2TP based VPN connection does not go through. This may be in some hotel or when you are visiting a customer or partner site etc. This is primarily due to PPTP GRE port blocking or L2TP ESP port blocking issue by some firewall or NAT router…


Vista: How PPPv6 support works?

I have seen lots of email coming around on how IPv6 supports works on WAN links in Vista. Or in other words how PPPv6 works Lets start by some fundamentals first: PPP is the protocol which is normally used to connect to your ISP over dial-up links (i.e. PPP over dialup) OR broadband networks  (i.e. PPP over Ethernet) OR to…


Vista, WS08: Security changes for remote access scenarios

In Vista, following changes have been done in remote access from security perspective   1)    All the weak crypto algorithms have been removed and new stronger crypto algorithms are added to VPN tunnels Let us take case by case – per tunnel basis   1.1)        PPTP: 40/56 bit RC4 encryption is removed by default from…


Vista/WS08: Frequently asked questions on IPv6 support for remote access scenarios (RAS)

Hi, In this blog, I am giving quick FAQ on RAS IPv6 support in Vista and Longhorn Server   IPv6 How do we support IPv4 and IPv6? First a little background: After you establish a VPN connectivity, you have two interfaces on your client machine – one is your Internet interface (i.e. like Ethernet, PPPoE, PPP…


VPN server deployment: IP Addressing, Routing/NAT, Single vs two NIC

Hi Folks, I have seen a lot of IP addressing, NIC, NAT related queries in different newsgroups. This blog is aimed to give you a quick view on this. First the basics on IP address/routing on RRAS perspective: Broadly there are two set of machines (or subnets) which needs IP address – one is the LAN machines (which…


Support WebCast: Configuring virtual private network enforcement for Network Access Protection

How to configure virtual private network enforcement for Network Access Protection in Windows Vista and in Windows Server “Longhorn” Beta 2 Support webcast link Session Summary This Support WebCast will outline the configuration steps required to set up VPN enforcement for NAP by using the Windows VPN client on Windows Vista and by using…

Differnet ways to add the routes

Adding DOD static and Non-DOD static routes :- netsh routing ip add persistant   Adding NETMGMT routes:- Preferred way is   i)- route add  ii)- netsh interface ip add route but there is an alternate way also to add the NETMGMT routes. netsh routing add rtmr

Vista and Longhorn: New features in remote access (RAS)

Hi Folks, In this post, I will cover up some of the major feature additions that are done to remote access scenarios – both on the client side as well as the RRAS server side in Vista and Longhorn timeframe. The list of major features include 1) NAP Enforcement for VPN client: NAP capable VPN…