The Remote Access VPN Gateway must be configured to prohibit Point-to-Point Tunneling Protocol (PPTP) and L2F.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-207206	SRG-NET-000132-VPN-000470	SV-207206r608988_rule		Medium

Description

The PPTP and L2F are obsolete method for implementing virtual private networks. Both protocols may be easy to use and readily available, but they have many well-known security issues and exploits. Encryption and authentication are both weak.

STIG	Date
Virtual Private Network (VPN) Security Requirements Guide	2024-12-19

Details

Check Text (C-7466r378239_chk)

Verify the VPN Gateway is configured to prohibit PPTP and L2F.

If the VPN Gateway does not be configured to prohibit PPTP and L2F, this is a finding.

Fix Text (F-7466r378240_fix)

Configure the VPN Gateway to prohibit PPTP and L2F.