128: Microsoft deprecates PPTP and L2TP VPN protocols

Microsoft has officially deprecated the Point-to-Point Tunneling Protocol (PPTP) and Layer 2 Tunneling Protocol (L2TP) in future versions of Windows Server. Administrators are advised to transition to more secure alternatives for remote access to corporate networks.

For over two decades, PPTP and L2TP were common in enterprise environments, but their vulnerabilities have become increasingly evident as cyber threats evolve. PPTP is particularly susceptible to offline brute-force attacks, while L2TP provides no encryption of its own and must be properly configured with an additional protocol such as IPsec.

In light of these security issues, Microsoft recommends migrating to the Secure Socket Tunneling Protocol (SSTP) and Internet Key Exchange version 2 (IKEv2). These newer protocols offer enhanced performance and security features critical in today’s complex network landscape. SSTP provides strong encryption via SSL/TLS and facilitates seamless firewall traversal, while IKEv2 ensures high security, maintains VPN connections during network changes, and offers improved performance.

The deprecation does not mean immediate removal; it indicates that PPTP and L2TP will no longer receive active development, allowing a transition period of months to years. In future versions of Windows RRAS Server, incoming connections using these protocols will be disallowed, though outgoing connections will still be possible. To aid in this transition, Microsoft released a support bulletin outlining detailed steps for configuring the recommended protocols.

The 128 series brings you byte-sized news for busy professionals. The full story can be found here: http://cmd.news/article/industry-news/microsoft-deprecates-pptp-and-l2tp-vpn-protocols/
