Routing and Remote Access Blog

VPN articles - straight from Windows development team

June, 2006

  • Which ports to unblock for VPN traffic to pass-through?

    Little Background: Microsoft RRAS server and VPN client supports PPTP, L2TP/IPSec, SSTP and IKEv2 based VPN connection. PPTP control path is over TCP and data path over GRE. L2TP tunnel traffic is carried over IPSec transport mode and IPSec protocol internally...
  • How to configure VPN Server with single NIC on Windows Server

    'Routing and Remote Access' service that is available as part of Windows Server 2000, Windows Server 2003 and Longhorn server can be configured as a VPN Server with single Network Interface Card (NIC). This configuration is primarily used when there is...
  • RRAS static packet filters - do's and don'ts

    Microsoft RRAS includes a stateless 5 tuple packet filter - also called as Inbound & Outbound packet filters (or static filters). These filters can be applied on any interface - public, private OR per PPP connection too or in other words - it can...
  • Enabling RAS Tracing in Vista/Longhorn Server

    Check http://blogs.technet.com/rrasblog/archive/2005/12/22/416421.aspx for information to enable RAS logs on the earlier Windows Versions. RAS Trace logs help in troubleshooting RAS connections related issues. On the earlier versions of Windows, "netsh...
  • VPN NAP Overview

    Network Access Protection provides a policy enforcement platform that helps in enforcing compliance on the client machines connecting to the network. This is governed by system health policies. Using VPN Enforcement, VPN servers can enforce health...
  • My Windows XP Pro/Windows 2000 Pro as Remote Access (VPN) Server

    You can use your Windows XP Professional or Windows 2000 Professional machine to act as a Remote Access server to support a limited number of Remote Access Clients. You can configure an incoming connection to accept the following connection types: dial...
  • Routing to Multiple Networks behind VPN Server

    Approach 1: On Security stand point use Default Gateway in the remote network else create batch file to add route on each client. The batch file can be created using Client Management Administration Kit (CMAK). CMAK can be used to save or export...
  • Network Performance factors and numbers for RRAS

    This has been a constant source of customer worries - will RRAS performance meet my needs ? How will RRAS compare against other hardware appliances? Please don't think me as a sales person promoting RRAS after you read this blog:). I am an engineer...
  • Deploying NAP support for VPN: Step-by-step guide available at

    Hi All, Setting up VPN NAP using RRAS may seem overly complex in thoughts, but is not so. We now have great step-by-step guide available which walks you though the concepts + each and every step involved to set it up in the lab enviroment, test it...
  • RRAS Remote Access Policy

    I have seen a lot of queries related to remote access policy configuration - why, how, when... Let me try to clarify few of these: What is remote access policy? What is its usage? Remote access policies are an ordered set of rules that define...