Windows 10 Built in VPN client - Unable to connect with SSTP

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
Svadilfari
Posts: 8
Joined: Wed Mar 30, 2022 9:43 am

Windows 10 Built in VPN client - Unable to connect with SSTP

Post by Svadilfari » Mon Apr 04, 2022 1:24 pm

Hi!

I try to connect with the built in client in windows 10 to softether SSTP but it fails.
I have opened in firewall for tcp/443
I have activated SSTP in Softether
L2TP connections work to softether so there is nothing wrong with the user settings in the virtual hub
I have added let´s encrypt cert with correct CN name.
I have added the SSTP connection in Win10 and activated PAP on the adapter

All i get in the logs is:
2022-04-04 15:21:35.032 On the TCP Listener (Port 443), a Client (IP address *.*.*.*, Host name "host-*-*-*-*.*.com", Port number 44879) has connected.
2022-04-04 15:21:35.032 For the client (IP address: *.*.*.*, host name: "host-*-*-*-*.com", port number: 44879), connection "CID-269" has been created.
2022-04-04 15:21:35.072 SSL communication for connection "CID-269" has been started. The encryption algorithm name is "ECDHE-RSA-AES256-GCM-SHA384".
2022-04-04 15:21:56.276 Connection "CID-269" terminated by the cause "Connection has been disconnected." (code 3).
2022-04-04 15:21:56.276 Connection "CID-269" has been terminated.
2022-04-04 15:21:56.276 The connection with the client (IP address *.*.*.*, Port number 44879) has been disconnected.

solo
Posts: 356
Joined: Sun Feb 14, 2021 10:31 am

Re: Windows 10 Built in VPN client - Unable to connect with SSTP

Post by solo » Mon Apr 04, 2022 10:45 pm

What error the client logs? If "error 720", check this.

Svadilfari
Posts: 8
Joined: Wed Mar 30, 2022 9:43 am

Re: Windows 10 Built in VPN client - Unable to connect with SSTP

Post by Svadilfari » Tue Apr 05, 2022 7:00 am

Already gone through all the steps in that guide, did not work. :(

Actually i think it has something to do with the:

Code: Select all

/etc/ssl/openssl.cnf
CipherString = DEFAULT@SECLEVEL=2
When i installed softether i had to change it to 1 because of warnings.

I will now install the latest version from source instead of using the old version in debian repository.

Svadilfari
Posts: 8
Joined: Wed Mar 30, 2022 9:43 am

Re: Windows 10 Built in VPN client - Unable to connect with SSTP

Post by Svadilfari » Mon Apr 11, 2022 3:58 pm

Yes this was it.
Upgrade to latest version and make sure openssl is configured with:
/etc/ssl/openssl.cnf
CipherString = DEFAULT@SECLEVEL=2

Post Reply