Certificate for SSTP VPN server

I’m trying to set up an SSTP VPN on Windows Server 2019 Essentials (I was originally going to use L2TP/IPSec, but the company which manages our network infrastructure doesn’t support it). I’m new to this, so sorry if these are silly questions.

I think I’m OK until it comes to the SSL certificate. We have a domain, which is hosted externally and we have a gateway for our network which has a static IP address (let’s say 200.200.200.200), which is different from that of the domain. It isn’t clear to me:

  • What I need to name the connection on the server and on the client
  • What I need to name the SSL certificate
  • Where I get the SSL certificate from (we’re UK based)
  • Whether I need to install the certificate on the client as well as the server.

Really appreciate any help you can give me.

Windows 10 SSTP with self-signed certificates

I can’t seem to get the Windows 10 sstp client to connect to the (router) sstp server

I have tried numerous combinations when creating my self signed certificates (ca & server) but I have to admit that I’m a little stumped

CA : https://prnt.sc/rqtkhv + https://prnt.sc/rqtks0 Server : https://prnt.sc/rqtls4 + https://prnt.sc/rqtm0y

Windows 10 : https://prnt.sc/rqtxsq + https://prnt.sc/rqtyfm

Q1) When installing the certificate in Windows I usually select [Local Computer] certificate store rather than [current user]. Is it normal for Windows to also install a copy in the [current user] store ? If so what is the point of this duplicate certificate installation ?

Q2) When installing the certificate into the “Trusted Root Certificate Authorities” for [current user] I obtain the following warning : https://prnt.sc/rqtoyb – why don’t I get this same warning when installing via [Local Computer] ?

Q3) What is the meaning of the yellow triangle with exclamation mark on both [Basic Constraints] and [Key Usage] ? https://prnt.sc/rqtzj0 + https://prnt.sc/rqtzut

Q4) Why doesn’t the SSTP client (https://prnt.sc/rqu1r5) detect the presence of the previously installed (sstp server’s ca) certificate ? https://prnt.sc/rqu0o0

Q5) I feel like my multiple certificate installation attempts may have ‘polluted’ my Windows’ certificate store. Is this possible ? If so is there a way to ‘clean up’ the certificate store (besides manually deleting unwanted certificates) ?

Q6) I believe that this used to work with Windows 10 before but, maybe because of the regular updates, things seem to have changed ?

regards yann

SSTP VPN works but no Internet connection on Ubuntu

I’ve established SSTP VPN client on my Ubuntu connecting to SSTP VPN server. I’m using http://sstp-client.sourceforge.net/ SSTP VPN client. And with this network manager plugin https://github.com/enaess/network-manager-sstp.

But I have the issue that I cannot access Internet when VPN is on. The same issue happens on Windows (with Windows built in VPN client) but there I can solve it using https://www.windowstechupdates.com/internet-connection-not-work-sstp-vpn-successfully-connect/.

I’ve tried selecting to “use connection only for its resources”, but no Internet still. When I disable Automatic on Routes and select “use connection only for its resources” I have Internet but no VPN.

enter image description here

Anyone can help me how to allow simultaneous Internet connection?