Microsoft deprecates PPTP and L2TP VPN protocols in Windows Server
Microsoft has officially deprecated the Point-to-Point Tunneling Protocol (PPTP) and Layer 2 Tunneling Protocol (L2TP) in future versions of Windows Server, recommending admins switch to different protocols that offer increased security.
For over 20 years, the enterprise has used the PPTP and L2TP VPN protocols to provide remote access to corporate networks and Windows servers.
However, as cybersecurity attacks and resources have grown more sophisticated and powerful, the protocols have become less secure.
For example, PPTP is vulnerable to offline brute force attacks of captured authentication hashes, and L2TP provides no encryption unless coupled with another protocol, like IPsec. However, if L2TP/IPsec is not configured correctly, it can introduce weaknesses that make it susceptible to attacks.
Due to this, Microsoft is now recommending users move to the newer Secure Socket Tunneling Protocol (SSTP) and Internet Key Exchange version 2 (IKEv2) protocols, which provide better performance and security.
