Windows 7 / Networking

Configuring the Authentication Method Used

Under Authentication on the Security tab are two authentication methods that your connection can use:

  • Use Extensible Authentication Protocol (EAP) Selecting this authentication method lets you choose from one of the following three protocols for authenticating the VPN connection:
    • Protected EAP (PEAP)
    • EAP-MSCHAPv2
    • Smart Card Or Other Certificate
    All three of these options ensure the security and data integrity of the EAP conversation by using encryption. The default setting here for a new connection is EAP-MSCHAPv2, which is also known as Secure Password.
    Additional authentication settings for EAP can be configured by clicking Properties. These additional settings depend on which EAP authentication method you have selected. Specifically:
  • If PEAP is selected, clicking Properties lets you configure various authentication settings including client-side NAP settings. For more information on implementing NAP in enterprise environments, see the "Windows Server 2008 Networking and Network Access Protection (NAP)" volume in the "Windows Server 2008 Resource Kit" from Microsoft Press at
  • If EAP-MSCHAPv2 is selected, clicking Properties lets you configure the connection to automatically use your Windows logon credentials for authenticating the connection.
  • If Smart Card Or Other Certificate is selected, clicking Properties lets you specify whether to use a smart card or other digital certificate for authenticating the connection. For example, if you are using certificates stored on the local computer rather than smart cards, you can select the Use A Certificate On This Computer option to enable certificates to be used for authenticating VPN connections. Selecting the Use Simple Certificate Selection (Recommended) option enables Windows Vista to determine which certificate on the computer should be used for VPN authentication. Selecting the Valid Server Certificate option forces the client computer to verify that the certificate of the remote VPN server is valid (this option is selected by default). You should also specify the trusted root authorities you want the client computer to trust, and you can optionally specify the IP address or FQDN of your CA in the Connect To These Servers text box.
  • Allow These Protocols Selecting this authentication method lets you choose one or more of the following authentication protocols to be used by your connection:
    • PAP
    • CHAP
    • MS-CHAP v2
      In addition, you can choose whether to configure the connection to automatically use your Windows logon credentials. Note that the choice of using PAP, CHAP, or MSCHAPv2 applies only to PPTP, L2TP/IPsec, and SSTP tunnels; IKEv2 tunnels can only use EAP-MSCHAPv2 or certificates (see the next section for details).
[Previous] [Contents] [Next]

In this tutorial:

  1. Connecting Remote Users and Networks
  2. Enhancements for Connecting Remote Users and Networks in Windows 7
  3. Understanding IKEv2
  4. Understanding MOBIKE
  5. Understanding VPN Reconnect
  6. Protocols and Features of VPN Reconnect
  7. How VPN Reconnect Works
  8. Understanding DirectAccess
  9. Benefits of DirectAccess
  10. How DirectAccess Works
  11. Windows 7 and Windows Server 2008 R2
  12. Ipv6
  13. IPsec
  14. Perimeter Firewall Exceptions
  15. Implementing DirectAccess
  16. Understanding BranchCache
  17. Benefits of BranchCache
  18. How BranchCache Works
  19. Protocols Supported by BranchCache
  20. Implementing BranchCache
  21. Supported Connection Types
  22. Outgoing Connection Types
  23. Incoming Connection Types
  24. Deprecated Connection Types
  25. Supported Tunneling Protocols
  26. Comparing the Different Tunneling Protocols
  27. Understanding Cryptographic Enhancements
  28. Support for AES
  29. Weak Cryptography Removal from PP TP/L2TP
  30. Supported Authentication Protocols
  31. Understanding the VPN Connection Negotiation Process
  32. Creating and Configuring VPN Connection
  33. Creating a VPN Connection
  34. Initiating a Connection
  35. Terminating a Connection
  36. Viewing Connection Details
  37. Configuring a VPN Connection
  38. Configuring Security Settings for a VPN Connection
  39. Configuring the Tunneling Protocol (s) Used
  40. Configuring Advanced Connection Settings
  41. Configuring the Data Encryption Level
  42. Configuring the Authentication Method Used
  43. Configuring Authentication for IKEv2 connections
  44. Configuring Mobility for IKEv2 Connections
  45. Configuring Dial-Up Connections
  46. Creating a Dial-Up Connection
  47. Advanced Connection Settings
  48. Configuring Incoming Connections
  49. Managing Connections Using Group Policy
  50. Using Remote Desktop
  51. Understanding Remote Desktop
  52. Versions of RDP
  53. RDP 6.1 Features and Enhancements
  54. RDP 7.0 new features and enhancements
  55. RemoteApp and Desktop Connection
  56. Understanding RDC
  57. Understanding Remote Desktop Services Terminology
  58. Configuring and Using Remote Desktop
  59. Enabling Remote Desktop and Authorizing Users on a Single Computer
  60. Enabling Remote Desktop Using Group Policy
  61. Configuring and Deploying Remote Desktop Connection
  62. Configuring Remote Desktop Connection from the Command Line
  63. Configuring Remote Desktop Connection Using Notepad
  64. Configuring Remote Desktop Using Group Policy
  65. Establishing a Remote Desktop Session
  66. Improving Remote Desktop Performance
  67. Troubleshooting Remote Desktop Sessions
  68. Configuring and Using RemoteApp and Desktop Connection