How to change machine certificate on the SSTP server

  This blog is going to tell about how to change the Certificate to be used for the SSTP Server.   Although, the normal procedure of installing the certificate on RRAS Server for SSTP mentioned in the step by step guide works perfectly fine, this blog is going to talk about how to change the certificate which is…

5

How to change the machine certificate of SSTP based RRAS server

SSTP requires a machine certificate on the RRAS server which needs to be set inside HTTPS listener (i.e. HTTP.SYS). This certificate will be sent to the client during SSL hand-shake stage (like in any other https:// requests). The RRAS server, when configured first time tries read a machine certificate from the machine certificate store and…

3

How to deploy SSTP based VPN server behind a NAT router

Hi All, As you know, SSTP is a new VPN tunnel added in Routing and remote access server role in Windows 2008 server and Vista SP1. This allows PPP packets to be encapsulated over HTTP, hence allowing VPN connection to be established through firewalls/NAT/web proxies. For small to medium size organizations, it is common to…


Deploying SSTP: Step-by-step guide available at

Hi All, SSTP step-by-step guide is available at Windows server 2008 step-by-step guides site i.e. http://download.microsoft.com/download/b/1/0/b106fc39-936c-4857-a6ea-3fb9d1f37063/Deploying%20SSTP%20Remote%20Access%20Step%20by%20Step%20Guide.doc   Or http://technet2.microsoft.com/windowsserver2008/en/library/9f69d438-2723-4e15-836f-8e58ef2827141033.mspx Thanks Jim ! This will give steps to set-up SSTP in a pilot-lab environment. Cheers, Samir JainLead Program Manager (samirj@online.microsoft.com **)RRAS, Windows Enterprise Networking ** Remove the “online” to actually email me  [This posting is provided “AS…


How to configure split tunnelling on VPN clients using CMAK

When a VPN connection is established, by default, ‘Use default gateway on remote network’ checkbox is selected. When this checkbox is selected a new default route for the VPN Connection is added and the existing default route gets a higher metric. Result of this setting is that all the intranet traffic works fine and internet…

3

How to prevent SSTP based VPN connections to be dialed out from my network

So we are back with a post on SSTP – the tunnelling protocol that can help you traverse through NATs and firewalls. SSTP is sure a great way to establish VPN connections in cases where PPTP and L2TP will not work due to the presence of NATs and firewalls. However, some network administrators may not want any…


How to deploy SSTP client connections using Connection Manager Administration Kit (CMAK)

 The steps to configure a RAS client connection using SSTP were listed in one of the previous posts. However, the good news is that Connection Manager can also be used to establish SSTP connections. This makes deploying client connections easier and transparent to the user.     To enable clients to connect using Connection Manager, we…


How to deploy SSTP based VPN server behind a SSL terminator

By now, from all the other posts you might be aware of steps required to configure SSTP server to accept HTTPS connections. SSTP also supports being configured behind a SSL terminator (HTTP Reverse Proxy scenario). With this setup, a SSL terminator can be configured to terminate the SSL session and direct the plain HTTP request…

11

How to configure the RRAS based VPN server to accept SSTP connections

By now, all of you would be aware of what SSTP is and would also have got your questions answered in the FAQ column. We also saw in this blog, how to configure a SSTP client connection.    In this post, let’s quickly look at the steps required to configure the VPN server as a SSTP…

3