If you are upgrading your company’s Windows operating system (OS), you should know about a few changes Microsoft made to Windows security in Windows 2008 and Windows 2008 R2 that will affect the way you set up virtual private networks (VPNs). First of all, VPNs switched from using Layer Two Tunneling Protocol (L2TP) to Secure Socket Tunneling Protocol — or SSTP, which is a Windows flavor of Secure Sockets Layer (SSL). Not only does this make Windows VPNs more secure, but this also changes the steps to set up your VPNs. Secondly, although the preferred method for authenticating and authorizing VPN traffic has always been to use RADIUS authentication, earlier iterations of the OS prior to Microsoft Windows 2008 called this “Internet Authentication Service,” better known as IAS. This alteration will affect how you authorize traffic through your VPN.
In this series of technical articles, IT guru Brien Posey explains how to set up VPNs securely for Microsoft Windows 2008 and higher. From his articles you can learn:
- How to set up an SSTP VPN
- How to authorize VPN traffic with RADIUS
- How to configure Windows Server 2008 R2 to act as an enterprise certificate authority to avoid purchasing costly X.509 certificates