When we talk about Virtual Private Network (VPN), we often have to use ‘tunneling protocol’ term. Basically, tunneling protocol is communication protocol, which facilitates the data transfer from one network to another. While configuring a VPN connection, you can configure the connection based on these protocols such as PPTP, L2TP/IPSec, SSTP, IKEv2.
When you use PPTP based VPN, a widely used password-based authentication protocol is Microsoft Challenge Handshake Authentication Protocol version 2 (MS-CHAP v2). Microsoft recommends that you must use MS-CHAP v2 in encapsulation with PPTP for secure configuration.
Here, another important fact is that MS-CHAP v2 is the main authentication option utilized for Protected Extensible Authentication Protocol (PEAP). Worth to mention here that EAP framework is often used in network connectivity. PEAP basically encapsulates EAP with authentic and encrypted TLS tunnel. Microsoft often advices to use MS-CHAP v2 with PEAP in the organizations. The reason behind this is simple and straightforward, to maintain security of your VPN and make it more reliable.
While using MS-CHAP v2, you can allow automatic use of your Windows logon for authentication. Here is how you can configure that setting in Windows 10.
Automatically Use Your Windows Logon Name And Password For VPN Authentication
1. Press + R to open Run, type ncpa.cpl
and click OK.
2. In Network Connections window, right click on your VPN connection and select Properties.
3. On VPN property sheet, switch to Security tab. Select Allow these protocols and make sure you’ve Microsoft CHAP Version 2 (MS-CHAP v2) option is checked. Then you can check Automatically use my Windows logon name and password (and domain if any) option. Click OK.
Close Network Connections and return to Desktop, if you like.
The settings you’ve just configured should be in effect now. This means you can use your Windows credentials to authenticate VPN now.
That’s it!
See also: Configure VPN On Windows Server 2019.
2 Comments
Add your comment
Dear Kapil
After the Windows 10 May 2020 update this is not working anymore.
Instead of just connecting we get a Sign in window and we must enter our password when trying to connect to the VPN.
See for example answers.microsoft.com/en-us/windows/forum/all/upgrade-to-windows-10-2004-vpn-l2tp-fail/d97f3dc0-f135-4ebe-a8a7-c6e7b6fe9ff9?page=1
Do you know of a solution for this since we seem to not get an answer directly from Microsoft.
^^ Thanks for your comment, I will investigate this and revert back to you.