By now, you probably are aware of this new VPN tunneling protocol which can work across NAT, web proxies and firewall. If you are familiar with the Windows Vista way of configuring and using VPN, go to the connection "Properties" page and change the "Type of VPN" to "Secure Socket Tunneling Protocol (SSTP)" instead of the default "Automatic".
If you are not so familiar with the connection configuration steps, here they are.
This is a one-time operation and subsequently, when the connection is used to connect, the SSTP protocol will be used.
Since SSTP is based out of SSL, the VPN server (configured with SSTP) will provide a certificate for the client to trust. You might want to configure the trusted root certificate so that the server's certificate is trusted by the client. SSTP will require the trusted root ceritificate to be there as a part of Machine Certificate Store. For domain joined machines, where in the server certificate is from the same domain as the client itself, this certificate is most-likely to be there by default.
As mentioned in this space earlier, this new VPN tunnel type is being added for Vista SP1 and Longhorn Server. If you are interested in the Longhorn Server beta program, do let us know at firstname.lastname@example.org. We would love to have you try out this new VPN technology and give us feedback.
Keep a watch on this blog space for more information towards this new VPN protocol.
Kadirvel C. Vanniarajan
Software Design Engineer
RRAS, Windows Enterprise Networking
[This posting is provided "AS IS" with no warranties, and confers no rights.]