Understanding VPN Reconnect

VPN Reconnect is a new feature of Windows 7 and Windows Server 2008 R2 that allows VPN connections to remain alive even when the underlying Internet connectivity for the connection is temporarily lost. VPN Reconnect is designed to make VPN connections more reliable by eliminating the need for users to manually reestablish their connection when it has been interrupted.

In previous versions of Windows, when Internet connectivity was lost, the VPN connection was also lost. This meant that if the user was working with an application or had a document open when the interruption occurred, the user's work would be lost. This issue occurred with any of the tunneling protocols supported on previous versions of Windows, including Point-to-Point Tunneling Protocol (PPTP), Layer 2 Tunneling Protocol over IPsec (L2TP/IPsec), and Secure Socket Tunneling Protocol (SSTP).

VPN Reconnect, however, uses the new IKEv2 tunneling protocol with the MOBIKE extension. When the user's Internet connectivity is interrupted, the user's VPN connection remains alive, and when Internet connectivity is restored, the user can continue using her application or working with her open document. VPN Reconnect thus eliminates the need to manually reconnect mobile computers to the corporate network after Internet connectivity is interrupted, making it easier for mobile users to access the corporate network and perform their work over a VPN connection.

VPN Reconnect also enables new types of mobile worker scenarios. For example, consider a mobile user who is traveling on a train and using a wireless mobile broadband card to connect her laptop to the Internet and establish a VPN connection to her company's internal network. As the train leaves the station, the user moves out of range of the train station's wireless access point, and the user's Internet connectivity is temporarily lost. The train comes into range of an access point at the next stop a few minutes later, and using VPN Reconnect, the user's VPN connection is automatically and seamlessly restored and she can continue doing her work.

Other scenarios in which VPN Reconnect can benefit mobile users include maintaining a VPN connection when the user transitions between any of the following:

  • A costly, slow wireless WAN (WWAN) and a cheaper, faster wireless local area network (WLAN), such as when a user is traveling and then arrives at a customer location or at her own home
  • A public wireless network and the corporate wired LAN, such as when a traveling user arrives at work

Note: DirectAccess can replace the VPN as the preferred remote access method for many organizations. However, some organizations will continue to use VPNs side by side with DirectAccess, and Microsoft has improved VPN usability in Windows 7 with VPN Reconnect to meet the needs of these organizations. For more information about DirectAccess, see the section titled "Understanding DirectAccess" later in this tutorial.
