Dial-In Profile Now Includes Security-Strength Options on Remote Access Policy 'Encryption' Tab (254158)


The information in this article applies to:

  • Microsoft Windows 2000 Server
This article was previously published under Q254158

SUMMARY

This article describes additions to the Encryption tab for the dial-in profile.

MORE INFORMATION

The Encryption tab of the dial-in profile now reflects the different strengths of Internet Protocol Security Data Encryption Standard (IPSec DES) and Microsoft Point-to-Point Encryption (MPPE) RC4. These options are presented as a set of check boxes. The following conditions apply, depending on the check boxes you select:

  • When No Encryption is selected with no other encryption strength, encryption is prohibited in this profile.
  • When No Encryption is selected along with other encryption strengths, encryption is optional at any of the strengths selected.
  • When specific encryption strengths are selected and No Encryption is not included, encryption is required at these strengths.
The actual encryption type is a function of the type of connection. Dial-up and Point-to-Point Tunneling Protocol (PPTP) connections use MPPE RC4. Layer Two Tunneling Protocol (L2TP) connections use IPSec DES encryption. You can select from the following encryption types:

Basic: Specifies 40-bit MPPE RC4 or DES56, depending on the type of connection.

Stronger: Specifies 56-bit MPPE RC4 or DES56.

Strongest: Specifies 128-bit MPPE RC4 or Triple DES56.

Modification Type:MajorLast Reviewed:10/11/2002
Keywords:kbinfo KB254158
©2002 Microsoft Corporation. All rights reserved.