VPN Server with Windows Server: Installation and Configuration

VPN in SSTP

The SSTP tunnel is based on port 443 (HTTPS) which can be used in most WIFI connections.

Setting up the VPN SSTP requires configuring the certificate used for the connection. This must be installed in the personal store of the computer.

To work, the certificate authority must be known to the clients.

It is possible to use a self-signed certificate on the server, in which case the certificate must be installed on the clients in the Trusted Root Certification Authority store. If you are using a standalone or enterprise CA, you just need to deploy the authority certificate.

VPN Service Configuration – Routing and Remote Access

On the VPN server from the Routing and Remote Access console, open the server properties, on the Security tab 1 in the SSL certificate link section, choose the certificate 2 and validate by clicking Apply. 3 and OK 4 .
Select certificate

The changes require a restart of the service, confirm by clicking Yes 1 .
Restart service

Customer configuration

The login host name in the General tab must be a DNS name 1 present in the certificate.
Connection host name

As for the PPTP VPN tunnel, it is possible to force the type in the Security tab 1 by selecting SSTP 2 .
SSTP type

NPS

As for the PPTP tunnel, it is possible to force the SSTP tunnel into the network strategy.
Type de serveur VPN : SSTP / VPN server type: SSTP

Error: The revocation function could not verify the revocation because the revocation server was disconnected

If you are using a self-signed certificate or from a private CA that does not publish the revocation list on the Internet, you must add a registry key to the client to bypass this verification.

Open the registry editor and go to the location : HLM\SYSTEM\CurrentControlSet\Services\SstpSvc\Parameters et ajouter la clef (DWORD) NoCertRevocationCheck by assigning it the value 1.
NoCertRevocationCheck



Related Posts


GPO: Deploy a certificate

Presentation In this tutorial, we will see how to deploy a certificate on computers using a GPO. Some cases where you may need to distribute a certificate: Internal Certification Authority Appliance c

GPO: Managing Windows Firewall Rules

SummaryPresentationConfiguring Group Policy (GPO)Conclusion Presentation In this tutorial, we will see how to add rules to the Windows Firewall using Group Policy. For information, the Windows Firewal

BranchCache – Installation and Configuration

In this tutorial, we will set up a cache system on file servers to speed up access for remote sites. For that we will set up the BranchCache solution. BranchCache is an extended WAN bandwidth optimiza

Scroll to Top