cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3417
Views
2
Helpful
7
Replies

Please Help! Microsoft VPN Vs Cisco VPN Client

ccannon88567
Level 1
Level 1

Could somebody please advise if the Cisco VPN Client is more secure than the Built-in microsoft VPN on windows XP? If the Cisco client is more secure than why? Does the Microsoft one not use IPSEC and just PPTP?

Please advise - Very urgent!

I'm sure a Cisco VPN Concentrator with Cisco Client is more secure but I not sure exactly why.

1 Accepted Solution

Accepted Solutions

Carlton,

One have to take a deeper look at both, all your questions will be answered after you look at these links.

Ipsec is an opened standard, Cisco VPN client or any VPN client that is Ipsec based must meet these standards. You will learn more by reading these few links bellow, by the end of the reading you will be have a better

perspective as to which client you would be more gear towards using as a network professional.

Personally I have been moving away from PPTP gradually and replacing it with Cisco VPN clients. Don't get me wrong, PPTP is still widely used out there but it is more vulnerable.

With Ipsec based VPN you have a more wide selection of authentication algorythms,

encryptions granularity as a way to implement an extreamely secure VPN architecture for RA.

Introduction to IPsec

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_tech_note09186a0080094203.shtml

introduction to PPTP/L2TP

http://www.clavister.com/manuals/ver8.6x/manual/vpn/pptp_basics.htm

Analysis of MS PPTP implemetation and vulnerabilities

http://www.schneier.com/paper-pptp.html

http://www.schneier.com/paper-pptp.pdf

Other workarounds for using MS client using L2TP over Ipsec

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00807213a7.shtml

Also, you may do a google search on " hacking PPTP " or " Ipsec" to get a more insight of vulnerabilities.

Rgds

Jorge

Jorge Rodriguez

View solution in original post

7 Replies 7

a.alekseev - Are you trying to say Cisco VPN is better because ut uses DES on the data payload?

Does the MS VPN not encrypt the data payload at all?

Do they both use IPSEC for end to end privacy?

ps - Is tripple DES actually AES?

Would greatly appreciate answers!

a.alekseev - Are you trying to say Cisco VPN is better because ut uses DES on the data payload?

Does the MS VPN not encrypt the data payload at all?

Do they both use IPSEC for end to end privacy?

ps - Is tripple DES actually AES?

Would greatly appreciate answers!

Carlton,

One have to take a deeper look at both, all your questions will be answered after you look at these links.

Ipsec is an opened standard, Cisco VPN client or any VPN client that is Ipsec based must meet these standards. You will learn more by reading these few links bellow, by the end of the reading you will be have a better

perspective as to which client you would be more gear towards using as a network professional.

Personally I have been moving away from PPTP gradually and replacing it with Cisco VPN clients. Don't get me wrong, PPTP is still widely used out there but it is more vulnerable.

With Ipsec based VPN you have a more wide selection of authentication algorythms,

encryptions granularity as a way to implement an extreamely secure VPN architecture for RA.

Introduction to IPsec

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_tech_note09186a0080094203.shtml

introduction to PPTP/L2TP

http://www.clavister.com/manuals/ver8.6x/manual/vpn/pptp_basics.htm

Analysis of MS PPTP implemetation and vulnerabilities

http://www.schneier.com/paper-pptp.html

http://www.schneier.com/paper-pptp.pdf

Other workarounds for using MS client using L2TP over Ipsec

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00807213a7.shtml

Also, you may do a google search on " hacking PPTP " or " Ipsec" to get a more insight of vulnerabilities.

Rgds

Jorge

Jorge Rodriguez

Jorge,

Thanks for taking the time to locate and put together all this information for me. Exactly the sort of reply I was looking for - couldn't have been better!

Carlton

Carlton,

You are very welcome, it is a pleasure to help, as a network professionals we are all on the same path and it is good to revisit these links and read them all from time to time.

Thank you for the rating.

Rgds

Jorge

Jorge Rodriguez

If you want to user Miicrosoft VPN client with a Cisco device, you have to configure "vpdn" on the Cisco device to activate the PPTP

once done you connect to the cisco device using Microsoft VPN.

You can use Microsoft routing and remote access service on the Cisco device end to authenticate the users using the Active Directory. The RAS can be configured as RADIUS server and Cisco will get the authentication and authorization form the RAS of Microsoft. you can also configure local authentication for vpdn

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: