If you have the 128-bit version of Service Pack 3, your RAS server can be configured to use it:
1. Control Panel / Network / Services / Remote Access Service / Properties.
2. Click Network and Require Microsoft encrypted authentication.
3. Click Require data encryption, OK, Continue, and Close.
4. When prompted to restart, click No.
5. Edit HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasMan\PPP\COMPCP
and Add Value name ForceStrongEncryption as a type REG_DWORD and set it to 1.
6. Shutdown and restart.
If a RAS client supports 128-bit encrytion, the event log will contain:
Event ID: 20107
Description: The user RAS connected to port COM1 using strong encryption.
If the RAS client does not support 128-bit RAS encryption, you will see the following event:
Event ID: 20077
Description: An error occurred in the Point to Point Protocol module on
port COM1. The remote computer does not support the
required encryption type.
The client will receive a message 629, indicating the that they have been disconnected.