Dial-up Networking Entry - Security Tab

Article
07/03/2012

Applies To: Windows Server 2008, Windows Server 2012

The security settings you assign to a dial-up networking entry must match the settings on the remote access server to which this entry corresponds. The settings are determined by the configuration of the remote access server. You can specify whether or not encryption is required, and the authentication protocol that is used.

Setting	Description
Data encryption	Specifies the encryption type to use for the data stream to and from the remote VPN server. Choices include: No encryption. The data is sent in plain text. The connection fails if the VPN server requires data encryption. Optional encryption. The data is encrypted only if requested by the VPN server. Require encryption. The data is encrypted. The connection fails if the VPN server does not support encrypted data. Maximum strength encryption. The data is encrypted by using the strongest encryption supported by both computers. The selection made must be compatible with the encryption requirements of the remote server, or else the connection fails.
Use Extensible Authentication Protocol	Specifies that logon authentication uses EAP, with the option of using smart cards or other certificates. If you select this setting, you must configure the EAP or certificate options by clicking Properties. For more information about the Protected EAP Properties page or the Smart Card or other Certificate Properties page, press F1 while viewing those pages.
Authentication methods	Specifies other means for transmitting the authentication information to the server. These are older authentication protocols that you can use only if the dial-up server requires them. It is recommended that you avoid the use of PAP, because it transmits your user name and password in plaintext over the network.

Data encryption

Specifies the encryption type to use for the data stream to and from the remote VPN server. Choices include:

No encryption. The data is sent in plain text. The connection fails if the VPN server requires data encryption.
Optional encryption. The data is encrypted only if requested by the VPN server.
Require encryption. The data is encrypted. The connection fails if the VPN server does not support encrypted data.
Maximum strength encryption. The data is encrypted by using the strongest encryption supported by both computers.

The selection made must be compatible with the encryption requirements of the remote server, or else the connection fails.

Use Extensible Authentication Protocol

Specifies that logon authentication uses EAP, with the option of using smart cards or other certificates. If you select this setting, you must configure the EAP or certificate options by clicking Properties. For more information about the Protected EAP Properties page or the Smart Card or other Certificate Properties page, press F1 while viewing those pages.

Authentication methods

Specifies other means for transmitting the authentication information to the server. These are older authentication protocols that you can use only if the dial-up server requires them.

It is recommended that you avoid the use of PAP, because it transmits your user name and password in plaintext over the network.

For more information about configuring dial-up networking entries, see https://go.microsoft.com/fwlink/?LinkId=80957 on the Microsoft Web site.

Dial-up Networking Entry - Security Tab

Additional resources