Article ID: 929857 - View products that this article applies to.
Important This article contains information that shows you how to help lower security settings or how to turn off security features on a computer. You can make these changes to work around a specific problem. Before you make these changes, we recommend that you evaluate the risks that are associated with implementing this workaround in your particular environment. If you implement this workaround, take any appropriate additional steps to help protect the computer.
When you try to make a Point-to-Point Tunneling Protocol (PPTP)-based virtual private network (VPN) connection to a VPN server computer, you receive error code 741. This behavior occurs on a computer that is running Windows Vista.
You receive the error code if the VPN server computer is running a version of Windows that is earlier than Windows Vista. For example, you may receive the error code if the server computer is running Microsoft Windows Server 2003 or Microsoft Windows 2000 Server.
This behavior occurs because Windows Vista does not have default support for the 40-bit and for the 56-bit encryption levels under the RC4 algorithm. By default, Windows Vista supports 128-bit encryption.
To work around this behavior, you must configure the encryption settings on the server computer and on the client computer as Method 1 describes.
Additionally, you can configure the client computer to support lower encryption levels as Method 2 describes. However, we do not recommend this configuration.
Method 1Note Because there are several versions of Microsoft Windows, the following steps may be different on your computer. If they are, see your product documentation to complete these steps.
Configure the VPN server computerTo configure the encryption settings on the VPN server computer, follow these steps:
Configure the client computerTo configure the encryption settings on the client computer, follow these steps:
Method 2Warning This workaround may make a computer or a network more vulnerable to attack by malicious users or by malicious software such as viruses. We do not recommend this workaround but are providing this information so that you can implement this workaround at your own discretion. Use this workaround at your own risk.
Important This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click the following article number to view the article in the Microsoft Knowledge Base:
(http://support.microsoft.com/kb/322756/ )How to back up and restore the registry in Windows
Note Use this method if the server computer does not support 128-bit RC4 encryption.
To provide support for the 40-bit encryption levels and for the 56-bit encryption levels on a client computer that is running Windows Vista, you must configure the AllowPPTPWeakCrypto registry entry. To do this, follow these steps:
Article ID: 929857 - Last Review: January 23, 2007 - Revision: 1.5