SoftEther VPN User Forum

I alsways get this error message on my client:
A certificate chain was processed, but ends with a root (master) certificate that is not considered as trusted by the trust provider.
I have a fixed IP adress, therefore I disabled the “Dynamic DNS function”. Since one week I’m not able to establish a VPN tunnel.
VPN Type is “Secure Socket Tunneling Protokoll (SSTP)!!
We have already disabled firewall and opened 4 TCP ports 443, 992, 1194, 5555 on the NAT router before the SoftEther Server. Soft Ether Server Software and Client are running on Windows 10 Professional computers.
Properties of Users enables Password Authentication! Do I have to use additional “Encryption Algorithm Settings and a Server Certificate Setting??
What shall I do??

Hi there!, first, we have to determine where is the problem ?, is it the certificates that you are using, is it with firewall policies, is it NAT issue, there are many possibilities about your scenario, so i highly recommend to, first, try to connect to SE server using SE Client, if it's okay, then we can investigate further about the problem.


Good luck (:

deleted

Hi Raafat!
I don't use a certificate!
I don't understand why I should use a certificate when I chose "Password Authentication" when I created a user Profile?
Do I need a certificate for any VPN type "SSTP" connection?

Please try to use VPN Azure.

If you don't want to use VPN Azure, you have to import server cert on the client and connect to DDNS name.
Because SSTP verify cert common name and destination domain name is same.

thisjun wrote:
> Please try to use VPN Azure.
>
> If you don't want to use VPN Azure, you have to import server cert on the
> client and connect to DDNS name.
> Because SSTP verify cert common name and destination domain name is same.


Yes I already tried the connection together with VPN Azure.
On the client using Win10 VPN client I still get the message:
A certificate chain was processed, but ends with a root (master) certificate that is not considered as trusted by the trust provider.

I must admit I didn't install the certificate of the SoftEther's Server! Should I do that, creating a certificate an establishing on the client??

VPN server cert doesn't be used when you use VPN Azure because VPN Azure use dedicated cert for this service.

Did you use domain name of VPN Azure when you connect?

Any update ?
I have the same problem, trying to use the windows built-in client with azure VPN but it doesn't work (PPP link control protocol was terminated)