Thursday, 18 December 2014

vpn server windows l2tp + sstp

for sstp vpn server follow this guide:

SSTP without a publicly reachable certificate revocation list (CRL):
REGDWORD: NoCertRevocationCheck 1

REG ADD HKLM\System\CurrentControlSet\Services\Sstpsvc\Parameters /v NoCertRevocationCheck /t REG_DWORD /d 1

REGDWORD: AssumeUDPEncapsulationContextOnSendRule 2

RasSstp EventID 22
"Cannot create a file when that file already exists."

does anybody listen on 443?
SSTP fails:

  • DO NOT set up an IIS binding on port 443
  • DO NOT set up a Remote Desktop (Terminal Services) Gateway on the same machine

netstat -a | find /I "443"
  TCP            VMxxx:0                LISTENING
  TCP    [::]:443               VMxxx:0                LISTENING
If you don't get similar output, you may have a problem with the listener for SSTP.

delete the SSTP urlacl (the reservation is registered as https, not http):
netsh http delete urlacl url=https://+:443/sra_{BA195980-CD49-458b-9E23-C84EE0ADCD75}/

restart the services and/or reboot =>
verify the event log entries for Remote Access / netstat / the SSTP connection.
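
The checks from the notes above (who listens on 443, the sra_ URL reservation, the SSTP service state, the NoCertRevocationCheck value) collected into one read-only PowerShell script. This is an added example, not part of the original post; the function names are made up for illustration, and it assumes an elevated prompt on the machine being checked.

```powershell
# Added example: read-only checks, nothing is changed on the system.

# 1. Who listens on TCP 443? A listening socket has a foreign address ending
#    in ":0"; matching on that avoids the localized "LISTENING" state text.
function Get-Port443Listener {
    netstat -ano | ForEach-Object {
        $f = $_.Trim() -split '\s+'
        if ($f.Count -ge 5 -and $f[0] -eq 'TCP' -and
            $f[1] -match ':443$' -and $f[2] -match ':0$') {
            $proc = Get-Process -Id $f[4] -ErrorAction SilentlyContinue
            New-Object PSObject -Property @{
                Local     = $f[1]
                OwningPid = $f[4]
                Process   = if ($proc) { $proc.ProcessName } else { '?' }
            }
        }
    }
}

# 2. HTTP.sys URL reservations on port 443 (the SSTP one contains "sra_{").
function Get-Port443UrlAcl {
    netsh http show urlacl |
        Select-String -SimpleMatch ':443/' |
        ForEach-Object { $_.Line.Trim() }
}

# 3. Is certificate revocation checking switched off for SSTP on this machine?
function Get-SstpRevocationSetting {
    $key = 'HKLM:\System\CurrentControlSet\Services\Sstpsvc\Parameters'
    $p = Get-ItemProperty -Path $key -Name NoCertRevocationCheck -ErrorAction SilentlyContinue
    if ($p -and $p.NoCertRevocationCheck -eq 1) {
        'NoCertRevocationCheck = 1 (revocation check disabled)'
    } else {
        'NoCertRevocationCheck is not set to 1'
    }
}

'--- listeners on 443 ---'
Get-Port443Listener | Format-Table Local, OwningPid, Process -AutoSize
'--- URL reservations on 443 ---'
Get-Port443UrlAcl
'--- SSTP service ---'
Get-Service -Name SstpSvc | Format-Table Name, Status -AutoSize
'--- revocation check ---'
Get-SstpRevocationSetting
```

Listeners that go through HTTP.sys (SSTP and IIS both do) show up under PID 4 (System), so the URL reservation list is what tells them apart.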

windows 7:
use the powershell script create-ras-connection.ps1 for client deployment
Deploying VPN Connections by Using Windows Powershell and Group Policy

windows 8: PS > Add-VpnConnection