VPN in SSTP
The SSTP tunnel is based on port 443 (HTTPS) which can be used in most WIFI connections.
Setting up the VPN SSTP requires configuring the certificate used for the connection. This must be installed in the personal store of the computer.
To work, the certificate authority must be known to the clients.
It is possible to use a self-signed certificate on the server, in which case the certificate must be installed on the clients in the Trusted Root Certification Authority store. If you are using a standalone or enterprise CA, you just need to deploy the authority certificate.
VPN Service Configuration – Routing and Remote Access
On the VPN server from the Routing and Remote Access console, open the server properties, on the Security tab 1 in the SSL certificate link section, choose the certificate 2 and validate by clicking Apply. 3 and OK 4 .
The changes require a restart of the service, confirm by clicking Yes 1 .
The login host name in the General tab must be a DNS name 1 present in the certificate.
As for the PPTP VPN tunnel, it is possible to force the type in the Security tab 1 by selecting SSTP 2 .
As for the PPTP tunnel, it is possible to force the SSTP tunnel into the network strategy.
Error: The revocation function could not verify the revocation because the revocation server was disconnected
If you are using a self-signed certificate or from a private CA that does not publish the revocation list on the Internet, you must add a registry key to the client to bypass this verification.
Open the registry editor and go to the location : HLM\SYSTEM\CurrentControlSet\Services\SstpSvc\Parameters and add the key (DWORD) NoCertRevocationCheck by assigning it the value 1.