VPN connections fail after upgrade from XP to Vista
After Upgrade from XP to Vista RAS Connections are Failing
I have seen a number of posts on news groups and other forums where customers are not able to setup a RAS connection
after upgrading from XP to Vista. The purpose of this post is to explain the cause of this problem in majority of the
cases1. Authentication Protocol
Vista does not support the MSCHAPv1 protocol for authentication. The protocols supported on Vista are
PAP, CHAP, MSCHAPv2, PEAP and EAP. The default is MSCHAPv2. Hence, if the server is not configured for
or does not support any protocol other than MSCHAPv1 then connection setup will fail.2. Encyption Type Setting
Vista supports only strong encryption by default which is 128-bit RC4 for PPTP and AES 128 bit, AES 256 bit, 3DES for
L2TP. So, if the server doesnt support these encryption types connections will fail. The solution is to either upgrade
the server to support these encryption types or to configure the client to support weaker encryptions types. The
latter can be accomplished as followsChange the following registry keys to 1:
HKLM\System\CurrentControlSet\Services\Rasman\Parameters\AllowPPTPWeakCrypto FOR PPTP
HKLM\System\CurrentControlSet\Services\Rasman\Parameters\AllowL2TPWeakCrypto FOR L2TP
Restart your machine after changing the value of a keyTHe following links provide more info
http://support.microsoft.com/kb/929857/en-us
