SSTP connectivity error
-
- Posts: 1
- Joined: Fri Jan 10, 2020 6:54 am
- Location: Limoges-Cite, France
SSTP connectivity error
I am using a SoftEther vpn from last 2 months. I always connect it on my pc with ikev2 and it works fine. But when I try to connect it with sstp it shows a connection error. Why does it happen?
-
- Posts: 50
- Joined: Mon Dec 02, 2019 6:29 am
Re: SSTP connectivity error
First, your VPN Server's certificate (if self-signed) or chain (if issued by a CA) needs to be in your computer's Trusted Root Certificate Authorities certificate store. And there's a chance that you need to have SSTP configured to not check certificate revocation. To do these two steps, you can execute from an elevated command prompt the following (assuming you have a certificate file in the working directory called vpn.crt).
reg add HKLM\SYSTEM\CurrentControlSet\Services\SstpSvc\Parameters /v NoCertRevocationCheck /t REG_DWORD /d 0x00000001 /f
certutil -addstore "Root" vpn.crt
Second, SoftEther doesn't use PEAP or EAP-TLS to authenticate you (it can use PEAP on the backend to RADIUS, though), so your VPN client config needs to use MS-CHAPv2 (I think... or is it PAP? It's been a while.) which means you have to have username/password as the authentication type.
Contrary to popular belief, you can use a different port than 443 with SSTP if your VPN profile simply has the port appended to the hostname, like vpnserver.company.net:7443
reg add HKLM\SYSTEM\CurrentControlSet\Services\SstpSvc\Parameters /v NoCertRevocationCheck /t REG_DWORD /d 0x00000001 /f
certutil -addstore "Root" vpn.crt
Second, SoftEther doesn't use PEAP or EAP-TLS to authenticate you (it can use PEAP on the backend to RADIUS, though), so your VPN client config needs to use MS-CHAPv2 (I think... or is it PAP? It's been a while.) which means you have to have username/password as the authentication type.
Contrary to popular belief, you can use a different port than 443 with SSTP if your VPN profile simply has the port appended to the hostname, like vpnserver.company.net:7443