VPN Server with Windows Server: Installation and Configuration

VPN in SSTP

The SSTP tunnel is based on port 443 (HTTPS) which can be used in most WIFI connections.

Setting up the VPN SSTP requires configuring the certificate used for the connection. This must be installed in the personal store of the computer.

To work, the certificate authority must be known to the clients.

It is possible to use a self-signed certificate on the server, in which case the certificate must be installed on the clients in the Trusted Root Certification Authority store. If you are using a standalone or enterprise CA, you just need to deploy the authority certificate.

VPN Service Configuration – Routing and Remote Access

On the VPN server from the Routing and Remote Access console, open the server properties, on the Security tab 1 in the SSL certificate link section, choose the certificate 2 and validate by clicking Apply. 3 and OK 4 .
Select certificate

The changes require a restart of the service, confirm by clicking Yes 1 .
Restart service

Customer configuration

The login host name in the General tab must be a DNS name 1 present in the certificate.
Connection host name

As for the PPTP VPN tunnel, it is possible to force the type in the Security tab 1 by selecting SSTP 2 .
SSTP type

NPS

As for the PPTP tunnel, it is possible to force the SSTP tunnel into the network strategy.
Type de serveur VPN : SSTP / VPN server type: SSTP

Error: The revocation function could not verify the revocation because the revocation server was disconnected

If you are using a self-signed certificate or from a private CA that does not publish the revocation list on the Internet, you must add a registry key to the client to bypass this verification.

Open the registry editor and go to the location : HLM\SYSTEM\CurrentControlSet\Services\SstpSvc\Parameters et ajouter la clef (DWORD) NoCertRevocationCheck by assigning it the value 1.
NoCertRevocationCheck


How useful was this post?

Click on a star to rate it!

Average rating / 5. Vote count:

We are sorry that this post was not useful for you!

Let us improve this post!



Related Posts


Hyper-V: Virtual Switch with Port Aggregate – Switch Embedded Teaming (SET)
Introduction In this tutorial, we're going to have how to create a Switch Embedded Teaming virtual switch. Since Windows 2016, it is possible to directly create a virtual switch with a network card teaming. On Windows Server 2012 and Windows Server 2

IPAM: Installing and Configuring IP Address Management on Windows
IP Address Manager (IPAM) is a feature built into Windows Server that allows you to set up an administrator tool and analyze DHCP scopes and have an IP address base within a computer network. In a server environment where multiple Windows DHCP server

Windows Server installation and configuration of the DHCP role
In this tutorial, we will see how to install and configure a DHCP server on Windows Server in an Active Directory environment. As a reminder, the DHCP service makes it possible to distribute IP addresses to the hardware connected to a network that re