Additional Security Considerations

When deploying a remote access VPN solution, you must consider the following additional security considerations:

  • Strong link encryption

  • Packet filtering on the VPN server

  • Firewall packet filtering for VPN traffic

  • Multi-use VPN servers

  • Preventing traffic routed from VPN clients

  • Concurrent access

  • Unused VPN protocols

Strong Link Encryption

For encryption, you can use link encryption or both end-to-end encryption and link encryption, described as follows:

  • Link encryption encrypts the data only on the link between the VPN client and the VPN server across the Internet. For PPTP connections, you must use MPPE in conjunction with MS-CHAP v2, PEAP-MS-CHAP v2, EAP-TLS, or PEAP-TLS authentication. For L2TP/IPsec connections, IPsec ...

Get Windows Server® 2008 Networking and Network Access Protection (NAP) now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.