Comment 3 for bug 2041751

Microsoft has implemented an IPSec stack: https://learn.microsoft.com/en-us/windows/win32/fwp/ipsec-configuration#how-to-use-wfp-to-configure-ipsec-policies

"The Microsoft implementation of IPsec uses Windows Filtering Platform to setup IPsec policies."

This page is a bit thin on which applications to open, which buttons to click, etc, but they do have IPSec available in their ecosystem.

Microsoft has implemented LT2P: https://learn.microsoft.com/en-US/troubleshoot/windows-server/networking/configure-l2tp-ipsec-server-behind-nat-t-device

"This article describes how to configure a L2TP/IPsec server behind a NAT-T device."

A third party has implemented OpenVPN for Windows: https://openvpn.net/client/client-connect-vpn-for-windows/

"For Windows 7, 8, 10, and 11.
Note: Windows 7 and 8 are not officially supported anymore."

A third party has implemented Wireguard for Windows: https://www.wireguard.com/install/#windows-7-81-10-11-2008r2-2012r2-2016-2019-2022

" Windows [7, 8.1, 10, 11, 2008R2, 2012R2, 2016, 2019, 2022 – v0.5.3]"

Selecting a replacement requires some effort on the part of the network administrator with knowledge of what features and operating systems they need for their environment.

I think pptp is bad enough that removing it makes sense.

On the other hand, we still have telnet, and there's appropriate uses and inappropriate uses, and maybe this falls into the same category of compatibility software where users should expect a significant reduction in security if it is used.

Thanks