Original config
Machine 1 SoftEther running on Windows 10 using SSTP only, local bridge and using a current Let's Encrypt certificate (real not self signed)
Machine 2 same LAN as Machine 1 - pfSense (Router software) running on FreeBSD
I come into Softether either from LAN or WAN using Windows built in SSTP client - it gets Softether/Let's Encrypt cert - everything is fine.
Without changing anything on Machine 1, I change Machine 2:
Windows 10 with Hyper-V
Same pfSense but now running as a virtual machine under Hyper-V
pfSense configured same as before (i.e. forward port 443 to Machine 1)
No matter which system I try to connect from, LAN or WAN, all clients get an error message immediately that the certificate is invalid (again, nothing changed on Machine 1 where Softether is running), same cert.
I switched back to running pfSense in a real machine and the certificate is ok.
What could be causing the certificate to appear invalid when going thru Hyper-V?  I can share any info you believe would be helpful - I am at a loss to even know where to start to debug this.  
Hyper-V and pfSense are both running w/o issue.  This is the only problem I've encountered.
Thanks everyone.
			
									
									
						SSTP working then I put it under Hyper-V
- 
				Bob Bertrand
- Posts: 10
- Joined: Sun Jul 31, 2022 9:40 pm
- 
				Bob Bertrand
- Posts: 10
- Joined: Sun Jul 31, 2022 9:40 pm
Re: SSTP working then I put it under Hyper-V
I found the problem - on the VM Hyper-V implementation, pfSense uses HTTPS for ITS interface so even though I had a port forwarding rule to forward 443 to SoftEther, pfSense gets priority and forwards 443 to its mgmt interface which is a self signed cert which of course fails.  I changed it to HTTP and put it on another port and all works.
Thought I'd share.
			
									
									
						Thought I'd share.
