We have a 2k12 r2 box as an RRAS VPN server. Currently all the remote clients are on a PPTP connection using the domain authentication for username and password. This works fine as most most of the remote users are in the country. However there is 1 problematic user over in china.
We have done some research on this and PPTP connections are too easily seen by the Chinese firewall and as such blocked.
I am looking into adding in an IKEv2 or IPSec connection protocol. However with this already existing infrastructure I am hesitant to implement another protocol and risk breaking a lot of things. I'm still fairly new to VPN and RRAS's. I have made changes on existing setups just haven't added anything in myself.