Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Please Help! Microsoft VPN Vs Cisco VPN Client

Could somebody please advise if the Cisco VPN Client is more secure than the Built-in microsoft VPN on windows XP? If the Cisco client is more secure than why? Does the Microsoft one not use IPSEC and just PPTP?

Please advise - Very urgent!

I'm sure a Cisco VPN Concentrator with Cisco Client is more secure but I not sure exactly why.

1 ACCEPTED SOLUTION

Accepted Solutions

Re: Please Help! Microsoft VPN Vs Cisco VPN Client

Carlton,

One have to take a deeper look at both, all your questions will be answered after you look at these links.

Ipsec is an opened standard, Cisco VPN client or any VPN client that is Ipsec based must meet these standards. You will learn more by reading these few links bellow, by the end of the reading you will be have a better

perspective as to which client you would be more gear towards using as a network professional.

Personally I have been moving away from PPTP gradually and replacing it with Cisco VPN clients. Don't get me wrong, PPTP is still widely used out there but it is more vulnerable.

With Ipsec based VPN you have a more wide selection of authentication algorythms,

encryptions granularity as a way to implement an extreamely secure VPN architecture for RA.

Introduction to IPsec

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_tech_note09186a0080094203.shtml

introduction to PPTP/L2TP

http://www.clavister.com/manuals/ver8.6x/manual/vpn/pptp_basics.htm

Analysis of MS PPTP implemetation and vulnerabilities

http://www.schneier.com/paper-pptp.html

http://www.schneier.com/paper-pptp.pdf

Other workarounds for using MS client using L2TP over Ipsec

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00807213a7.shtml

Also, you may do a google search on " hacking PPTP " or " Ipsec" to get a more insight of vulnerabilities.

Rgds

Jorge

7 REPLIES

Re: Please Help! Microsoft VPN Vs Cisco VPN Client

Community Member

Re: Please Help! Microsoft VPN Vs Cisco VPN Client

a.alekseev - Are you trying to say Cisco VPN is better because ut uses DES on the data payload?

Does the MS VPN not encrypt the data payload at all?

Do they both use IPSEC for end to end privacy?

ps - Is tripple DES actually AES?

Would greatly appreciate answers!

Community Member

Re: Please Help! Microsoft VPN Vs Cisco VPN Client

a.alekseev - Are you trying to say Cisco VPN is better because ut uses DES on the data payload?

Does the MS VPN not encrypt the data payload at all?

Do they both use IPSEC for end to end privacy?

ps - Is tripple DES actually AES?

Would greatly appreciate answers!

Re: Please Help! Microsoft VPN Vs Cisco VPN Client

Carlton,

One have to take a deeper look at both, all your questions will be answered after you look at these links.

Ipsec is an opened standard, Cisco VPN client or any VPN client that is Ipsec based must meet these standards. You will learn more by reading these few links bellow, by the end of the reading you will be have a better

perspective as to which client you would be more gear towards using as a network professional.

Personally I have been moving away from PPTP gradually and replacing it with Cisco VPN clients. Don't get me wrong, PPTP is still widely used out there but it is more vulnerable.

With Ipsec based VPN you have a more wide selection of authentication algorythms,

encryptions granularity as a way to implement an extreamely secure VPN architecture for RA.

Introduction to IPsec

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_tech_note09186a0080094203.shtml

introduction to PPTP/L2TP

http://www.clavister.com/manuals/ver8.6x/manual/vpn/pptp_basics.htm

Analysis of MS PPTP implemetation and vulnerabilities

http://www.schneier.com/paper-pptp.html

http://www.schneier.com/paper-pptp.pdf

Other workarounds for using MS client using L2TP over Ipsec

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00807213a7.shtml

Also, you may do a google search on " hacking PPTP " or " Ipsec" to get a more insight of vulnerabilities.

Rgds

Jorge

Community Member

Re: Please Help! Microsoft VPN Vs Cisco VPN Client

Jorge,

Thanks for taking the time to locate and put together all this information for me. Exactly the sort of reply I was looking for - couldn't have been better!

Carlton

Re: Please Help! Microsoft VPN Vs Cisco VPN Client

Carlton,

You are very welcome, it is a pleasure to help, as a network professionals we are all on the same path and it is good to revisit these links and read them all from time to time.

Thank you for the rating.

Rgds

Jorge

Community Member

Re: Please Help! Microsoft VPN Vs Cisco VPN Client

If you want to user Miicrosoft VPN client with a Cisco device, you have to configure "vpdn" on the Cisco device to activate the PPTP

once done you connect to the cisco device using Microsoft VPN.

You can use Microsoft routing and remote access service on the Cisco device end to authenticate the users using the Active Directory. The RAS can be configured as RADIUS server and Cisco will get the authentication and authorization form the RAS of Microsoft. you can also configure local authentication for vpdn

1393
Views
2
Helpful
7
Replies
CreatePlease to create content