VPN connections that use PPTP or L2TP/IPsec can have problems when the VPN client and VPN server are separated by firewalls, NATs, or proxy servers. For example, firewalls must support the forwarding of GRE-encapsulated PPTP traffic or ESP-protected L2TP traffic. For PPTP-based VPN clients, NATs must support a PPTP NAT editor. Proxy servers typically do not support the forwarding of PPTP or L2TP/IPsec traffic.

To address VPN connectivity issues in the presence of firewalls, NATs, and proxy servers, the Secure Socket Tunneling Protocol (SSTP) in Windows Vista with Service Pack 1 and Windows Server 2008 uses HTTP over Secure Sockets Layer (SSL) and TCP port 443. SSL is also known as Transport Layer Security (TLS). HTTP over SSL is the protocol ...