Which authentication methods are currently considered secure when using SSTP?

  • Question

  • I am trying to figure out how to configure an SSTP VPN correctly. There is a myriad of authentication methods, but not all of them seem to be equally secure. Which one should I choose? For instance, is SSTP with EAP-MSChapV2 currently considered vulnerable?



    Adrian Grigore http://www.logmytime.de

    Saturday, November 30, 2019 2:18 PM

Answers

  • Hello Adrian,

    As you correctly point out, the credentials are adequately protected by the SSTP tunnel when in transit.

    In general, when exchanging credentials, MS-CHAPv2 is better than CHAP and CHAP is better than PAP. Since there is no reason not to use MS-CHAPv2, then that is a reasonable thing to do.

    There is no difference between EAP-MSCHAPv2 and MS-CHAPv2 except an additional layer of encapsulation that allows MSCHAPv2 to be used in protocols that only accept authentication information wrapped in EAP (such as IKEv2).

    The encryption provided by PEAP is not necessary when the credentials are sent in an encrypted tunnel such as SSTP. PEAP also verifies the server identity (using normal TLS mechanisms), but SSTP does this too.

    In summary, plain MS-CHAPv2 is a good choice with SSTP.

    Gary

    • Proposed as answer by Anewton Monday, December 2, 2019 3:36 PM
    • Marked as answer by Adrian Grigore Monday, December 2, 2019 3:48 PM
    Monday, December 2, 2019 3:10 PM
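Since the thread is about scripting the client side, here is an added example (not code from the thread or from Microsoft) that creates a Windows SSTP VPN profile with the authentication choice Gary recommends, MS-CHAPv2 inside the SSTP TLS tunnel with PPP encryption required, next to the weaker PAP variant left commented out, and then checks the resulting profile. The connection name and server FQDN are hypothetical placeholders; the cmdlets (Add-VpnConnection, Get-VpnConnection) are the standard VpnClient module ones.

```powershell
# Added example, not from the thread. Placeholder values: the connection name and
# server FQDN below are hypothetical; the FQDN must match the CN/SAN of the
# server's TLS certificate, because SSTP's server-identity check rests on that.
$ConnectionName = 'Corp-SSTP'
$ServerFqdn     = 'vpn.example.com'

# Weak variant (left commented out): PAP carries the password in the clear inside
# the PPP layer, so only the outer SSTP TLS tunnel stands between it and the network.
# Add-VpnConnection -Name $ConnectionName -ServerAddress $ServerFqdn -TunnelType Sstp `
#     -AuthenticationMethod Pap -EncryptionLevel Optional

# Recommended variant: MS-CHAPv2 (challenge/response, password never on the wire)
# inside the SSTP tunnel, with PPP-level encryption required rather than optional.
Add-VpnConnection -Name $ConnectionName `
    -ServerAddress $ServerFqdn `
    -TunnelType Sstp `
    -AuthenticationMethod MSChapv2 `
    -EncryptionLevel Required `
    -RememberCredential:$false `
    -Force

# Verify the profile before rolling it out: tunnel type, auth methods, encryption level.
function Test-SstpProfile {
    param([Parameter(Mandatory)][string]$Name)

    $vpn = Get-VpnConnection -Name $Name -ErrorAction Stop
    $problems = @()

    if ($vpn.TunnelType -ne 'Sstp') {
        $problems += "TunnelType is $($vpn.TunnelType), expected Sstp"
    }
    # PAP and CHAP should not be offered at all; MS-CHAPv2 or EAP must be present.
    if ($vpn.AuthenticationMethod -contains 'Pap')  { $problems += 'PAP is enabled' }
    if ($vpn.AuthenticationMethod -contains 'Chap') { $problems += 'CHAP is enabled' }
    if (($vpn.AuthenticationMethod -notcontains 'MSChapv2') -and
        ($vpn.AuthenticationMethod -notcontains 'Eap')) {
        $problems += 'Neither MSChapv2 nor EAP is configured'
    }
    if ($vpn.EncryptionLevel -ne 'Required') {
        $problems += "EncryptionLevel is $($vpn.EncryptionLevel), expected Required"
    }

    if ($problems.Count -eq 0) {
        Write-Output "OK: $Name uses $($vpn.AuthenticationMethod -join ',') over SSTP"
    } else {
        $problems | ForEach-Object { Write-Warning $_ }
    }
    return ($problems.Count -eq 0)
}

Test-SstpProfile -Name $ConnectionName
```

If you do decide on PEAP-EAP-MSCHAPv2 as Candy suggests, the same cmdlet takes `-AuthenticationMethod Eap` together with an EAP configuration XML passed via `-EapConfigXmlStream`; that XML is not shown here because its contents depend on your NPS certificate, and the check function above already accepts an `Eap` profile as valid.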

All replies

  • Hi,

    EAP-MSCHAPv2 is a password based authentication method.

    You could use PEAP-EAP-MSCHAPv2, which uses a certificate on the authentication server (NPS) and a password for clients. You could also use PEAP-EAP-TLS, which uses a certificate on the authentication server and a certificate on the client. PEAP is used to protect the authentication traffic.

    If certificates are verified, it must be strong.

    Best Regards,

    Candy





    Monday, December 2, 2019 3:23 AM
    Moderator
  • Hi Candy,

    thanks for your reply. 

    If the SSTP is encrypted with a regular SSL certificate from a regular registrar, would there still be any reason to use PEAP-EAP-MSCHAPv2 instead of EAP-MSCHAPv2? I'm asking because setting up EAP-MSCHAPv2 seems a bit easier to script.

    Best Regards,

    Adrian



    Adrian Grigore http://www.logmytime.de

    Monday, December 2, 2019 7:25 AM
  • Hi,

    >>would there still be any reason to use PEAP-EAP-MSCHAPv2 instead of EAP-MSCHAPv2?

    PEAP is used to protect the authentication traffic. In other words, to protect these password hashes from being sent over the network, you can use PEAP, which acts as a TLS/SSL tunnel to protect the authentication traffic.

    If the traffic goes through the intranet and you can ensure the security of the intranet traffic, it is acceptable to use EAP-MSCHAPv2. If not, I would still suggest you use PEAP-EAP-MSCHAPv2 as the authentication method.

    Best Regards,

    Candy




    Monday, December 2, 2019 7:50 AM
    Moderator
  • Hi Candy,

    thanks for your quick reply. I'm sorry to ask again, but I am not quite sure I understand your answer correctly. 

    Why isn't the authentication traffic already protected by the fact that SSTP uses an SSL / HTTPS connection? 

    Thanks,

    Adrian


    Adrian Grigore http://www.logmytime.de

    Monday, December 2, 2019 9:33 AM