Microsoft is working on a remote access tunneling protocol for Vista and Longhorn Server that lets client devices securely access networks via a VPN from anywhere on the Internet without concern for typical port blocking issues.
The Secure Socket Tunneling Protocol (SSTP) creates a VPN tunnel that travels over Secure-HTTP, eliminating issues associated VPN connections based on the Point-to-Point Tunneling Protocol (PPTP) or Layer 2 Tunneling Protocol (L2TP) that can be blocked by some Web proxies, firewalls and Network Address Translation (NAT) routers that sit between clients and servers.
The protocol, however, is only for remote access and will not supoort site-to-site VPN tunnels.
Microsoft hopes SSTP will help reduced help desk support calls associated with IPSec VPNs when those connections get blocked by firewalls or routers. In addition, SSTP won’t foster retraining issues because it does not change the end-user VPN controls. The SSTP based VPN tunnel plugs directly into current interfaces for Microsoft VPN client and server software.
Microsoft plans to ship SSTP support in Vista Service Pack 1 and in Longhorn Server. The ship date for Vista SP1 has not been set, but Longhorn is expected to ship in the second half of this year. SSTP will be included in Longhorn Server Beta 3, which is set to ship in the first half of 2007.
Microsoft officials also say they are working with partners — the company declined to name — on adding SSTP to other client devices besides Vista.
Microsoft, VPN, Protocol, Tunnel, News