We are discussing a new topic: Microsoft Going to End Support for Old VPN Protocols PPTP and L2TP. Better to use more secured SSTP and IKEv2 protocols. As you know, Microsoft sometimes takes a significant step towards deprecating all its features and tools.
Recently, you all know that many tools like NTLM and VBScript, and now it’s the turn for Point-to-Point Tunneling Protocol (PPTP) and Layer 2 Tunneling Protocol (L2TP) deprecation. Microsoft is ending support for PPTP and L2TP to improve security and performance. As you all know, PPTP and L2TP are the old VPN protocols.
Microsoft’s recent reports say they will end these old PPTP and L2TP to improve network security. For better protection, Microsoft recommends using the newer Secure Socket Tunneling Protocol (SSTP) and Internet Key Exchange version 2 (IKEv2).
As you all know, security threats are increasing nowadays; in this case, we need strong protocol connections. PPTP is known for weak encryption and is vulnerable to many attacks. L2TP is safer than PPTP but still depends on the old IPsec for encryption. So, in this post, we can look at an overview of these Depreciations.
Table of Contents
What is Depreciation?
Depreciation means that that feature or tool will not be supported in the future, which means it is no longer actively developed and might be removed in future updates. Deprecated features will still be supported until they are removed.
Microsoft Going to End Support for Old VPN Protocols
As I discussed, this is an overview of Microsoft deprecating the PPTP and L2TP VPN protocols in Windows Server. I think these protocols are the best ones in the last 20 years. PTP and L2TP have been used for remote access to corporate networks.
- However, over the years, cyber security has increased significantly, and in this case, these protocols have become less secure due to advanced cybersecurity threats.
- Easy Guide to Deploy Azure VPN Client Microsoft Store App using Intune
- Disallow Cache Server Downloads On VPN in Windows Settings Catalog
- Adobe PostScript Type1 Fonts are Deprecated Migrate to OpenType Fonts that can Support Larger Glyph Sets
New Transitioning
In these security aspects, Microsoft suggests that users try new alternatives for the PPTP and L2TP VPN protocols. Microsoft recommends using Secure Socket Tunneling Protocol (SSTP) and Internet Key Exchange version 2 (IKEv2), which Microsoft claims are more beneficial than the older protocols.
| No | Benefits Of Secure Socket Tunneling Protocol |
|---|---|
| 1 | SSTP uses SSL/TLS encryption, providing a secure communication channel. |
| 2 | SSTP can quickly go through most firewalls and proxy servers, allowing for smooth connectivity. |
| 3 | SSTP is easy to set up and use because it is built into Windows. |
Transition to SSTP and IKEv2 for More Secured VPN Connection
SSTP Uses SSL/TLS encryption to create a strong and secure connection. IKEv2 features strong encryption and authentication methods. PPTP and L2TP will still be available for making outgoing VPN connections in future Server and Client versions.
- Windows RRAS Server (VPN Server) will no longer accept incoming VPN connections using these protocols.
- When Migrating from SSTP to IKEv2 or OpenVPN, SSTP and IKEv2 can work together on the same gateway.
- You can easily enable IKEv2 on the existing gateway and update the client software.
| Info | Benefits of IKEv2 |
|---|---|
| High Security | It provides High security and supports strong encryption algorithms and robust authentication methods. |
| Mobility and multihoming | These protocols are effective for mobile users, maintaining VPN connections during network changes. |
| Improved performance | It provides faster establishment of tunnels and lower latency; IKEv2 offers superior performance compared to legacy protocols. |
Join the LinkedIn Page and Telegram group to get the latest step-by-step guides and news updates. Join our Meetup Page to participate in User group meetings. Also, Join the WhatsApp Community to get the latest news on Microsoft Technologies. We are there on Reddit as well.
Author
Anoop C Nair has been Microsoft MVP from 2015 onwards for 10 consecutive years! He is a Workplace Solution Architect with more than 22+ years of experience in Workplace technologies. He is also a Blogger, Speaker, and Local User Group Community leader. His primary focus is on Device Management technologies like SCCM and Intune. He writes about technologies like Intune, SCCM, Windows, Cloud PC, Windows, Entra, Microsoft Security, Career, etc.