Microsoft KB Archive/254158

From BetaArchive Wiki
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.
Knowledge Base

Dial-In Profile Now Includes Security-Strength Options on Remote Access Policy 'Encryption' Tab

Article ID: 254158

Article Last Modified on 11/1/2006


  • Microsoft Windows 2000 Server

This article was previously published under Q254158


This article describes additions to the Encryption tab for the dial-in profile.


The Encryption tab of the dial-in profile now reflects the different strengths of Internet Protocol Security Data Encryption Standard (IPSec DES) and Microsoft Point-to-Point Encryption (MPPE) RC4. These options are presented as a set of check boxes. The following conditions apply, depending on the check boxes you select:

  • When No Encryption is selected with no other encryption strength, encryption is prohibited in this profile.
  • When No Encryption is selected along with other encryption strengths, encryption is optional at any of the strengths selected.
  • When specific encryption strengths are selected and No Encryption is not included, encryption is required at these strengths.

The actual encryption type is a function of the type of connection. Dial-up and Point-to-Point Tunneling Protocol (PPTP) connections use MPPE RC4. Layer Two Tunneling Protocol (L2TP) connections use IPSec DES encryption. You can select from the following encryption types:

Basic: Specifies 40-bit MPPE RC4 or DES56, depending on the type of connection.

Stronger: Specifies 56-bit MPPE RC4 or DES56.

Strongest: Specifies 128-bit MPPE RC4 or Triple DES56.

Additional query words: win2krelnotes

Keywords: kbinfo KB254158