Thursday, 18 December 2014

vpn server windows l2tp + sstp

for sstp vpn server follow this guide:
http://advancedhomeserver.com/windows-server-2012-sstp-vpn/

SSTP without a publicly reachable certificate revocation list (CRL): disable the revocation check
http://support.microsoft.com/kb/947054
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Sstpsvc\Parameters
REG_DWORD: NoCertRevocationCheck = 1

REG ADD HKLM\System\CurrentControlSet\Services\Sstpsvc\Parameters /v NoCertRevocationCheck /t REG_DWORD /d 1


IPSEC/L2TP NAT-T:
http://support.microsoft.com/kb/926179
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PolicyAgent
REG_DWORD: AssumeUDPEncapsulationContextOnSendRule = 2

RasSstp EventID 22
"Cannot create a file when that file already exists."

Is something else already listening on port 443?
SSTP fails in that case:

  • DO NOT set up an IIS binding on port 443
  • DO NOT set up a Remote Desktop Terminal Services gateway on the same machine


netstat -a | find /I "443"
  TCP    0.0.0.0:443            VMxxx:0                LISTENING
  TCP    [::]:443               VMxxx:0                LISTENING
If you don't get similar output, you may have a problem with the listener for SSTP.

delete sstp urlacl:
netsh http delete urlacl http://+:443/sra_{BA195980-CD49-458b-9E23-C84EE0ADCD75}/

Restart the services and/or reboot =>
verify the event log entries for Remote Access / netstat / SSTP connection.
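
The checks from the notes above, collected in one read-only PowerShell script. This is an added example, not part of the original post. It assumes Windows Server 2012 or later, that RasSstp events are written to the System log, and that IIS and the gateway run as the services W3SVC and TSGateway.

```powershell
# Added example: read-only checks for the SSTP listener on the VPN server.
# Assumptions: Windows Server 2012 or later; RasSstp events land in the System log.

# 1. Listener on TCP 443. SSTP listens through HTTP.sys, so the owner is
#    normally PID 4 (System). No output here means nothing is listening.
Get-NetTCPConnection -LocalPort 443 -State Listen -ErrorAction SilentlyContinue |
    Select-Object LocalAddress, LocalPort, OwningProcess,
        @{ Name = 'Process'; Expression = { (Get-Process -Id $_.OwningProcess).ProcessName } } |
    Format-Table -AutoSize

# 2. URL reservations on port 443, including the SSTP one (sra_{...}) from the post.
netsh http show urlacl | Select-String -Pattern ':443/' -Context 0,4

# 3. Services involved: SSTP, RRAS, and the two that compete for port 443.
Get-Service -Name SstpSvc, RemoteAccess, W3SVC, TSGateway -ErrorAction SilentlyContinue |
    Select-Object Name, Status, DisplayName |
    Format-Table -AutoSize

# 4. Registry values from the post. '(not set)' means the default applies.
$checks = @(
    @{ Path = 'HKLM:\System\CurrentControlSet\Services\Sstpsvc\Parameters'
       Name = 'NoCertRevocationCheck' },                      # 1 = revocation check disabled
    @{ Path = 'HKLM:\SYSTEM\CurrentControlSet\Services\PolicyAgent'
       Name = 'AssumeUDPEncapsulationContextOnSendRule' }     # 2 = value used in the post
)
$checks | ForEach-Object {
    $item = Get-ItemProperty -Path $_.Path -Name $_.Name -ErrorAction SilentlyContinue
    [pscustomobject]@{
        Value = $_.Name
        Data  = if ($item) { $item.($_.Name) } else { '(not set)' }
    }
} | Format-Table -AutoSize

# 5. Most recent RasSstp event ID 22 entries
#    ("Cannot create a file when that file already exists.").
Get-WinEvent -FilterHashtable @{ LogName = 'System'; ProviderName = 'RasSstp'; Id = 22 } `
    -MaxEvents 5 -ErrorAction SilentlyContinue |
    Format-List TimeCreated, Id, Message
```

Run it from an elevated PowerShell prompt before and after the restart to compare the listener and event log state.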

windows 7:
use the powershell script create-ras-connection.ps1 for client deployment
Deploying VPN Connections by Using Windows PowerShell and Group Policy:
http://www.microsoft.com/en-us/download/details.aspx?id=2555

windows 8: PS > Add-VpnConnection
http://technet.microsoft.com/en-us/library/jj554824.aspx


