I’m trying to set up an SSTP VPN on Windows Server 2019 Essentials (I was originally going to use L2TP/IPSec, but the company which manages our network infrastructure doesn’t support it). I’m new to this, so sorry if these are silly questions.
I think I’m OK until it comes to the SSL certificate. We have a domain, which is hosted externally and we have a gateway for our network which has a static IP address (let’s say 126.96.36.199), which is different from that of the domain. It isn’t clear to me:
- What I need to name the connection on the server and on the client
- What I need to name the SSL certificate
- Where I get the SSL certificate from (we’re UK based)
- Whether I need to install the certificate on the client as well as the server.
Really appreciate any help you can give me.
I can’t seem to get the Windows 10 sstp client to connect to the (router) sstp server
I have tried numerous combinations when creating my self signed certificates (ca & server) but I have to admit that I’m a little stumped
CA : https://prnt.sc/rqtkhv + https://prnt.sc/rqtks0 Server : https://prnt.sc/rqtls4 + https://prnt.sc/rqtm0y
Windows 10 : https://prnt.sc/rqtxsq + https://prnt.sc/rqtyfm
Q1) When installing the certificate in Windows I usually select [Local Computer] certificate store rather than [current user]. Is it normal for Windows to also install a copy in the [current user] store ? If so what is the point of this duplicate certificate installation ?
Q2) When installing the certificate into the “Trusted Root Certificate Authorities” for [current user] I obtain the following warning : https://prnt.sc/rqtoyb – why don’t I get this same warning when installing via [Local Computer] ?
Q3) What is the meaning of the yellow triangle with exclamation mark on both [Basic Constraints] and [Key Usage] ? https://prnt.sc/rqtzj0 + https://prnt.sc/rqtzut
Q4) Why doesn’t the SSTP client (https://prnt.sc/rqu1r5) detect the presence of the previously installed (sstp server’s ca) certificate ? https://prnt.sc/rqu0o0
Q5) I feel like my multiple certificate installation attempts may have ‘polluted’ my Windows’ certificate store. Is this possible ? If so is there a way to ‘clean up’ the certificate store (besides manually deleting unwanted certificates) ?
Q6) I believe that this used to work with Windows 10 before but, maybe because of the regular updates, things seem to have changed ?
I’ve established SSTP VPN client on my Ubuntu connecting to SSTP VPN server. I’m using http://sstp-client.sourceforge.net/ SSTP VPN client. And with this network manager plugin https://github.com/enaess/network-manager-sstp.
But I have the issue that I cannot access Internet when VPN is on. The same issue happens on Windows (with Windows built in VPN client) but there I can solve it using https://www.windowstechupdates.com/internet-connection-not-work-sstp-vpn-successfully-connect/.
I’ve tried selecting to “use connection only for its resources”, but no Internet still. When I disable Automatic on Routes and select “use connection only for its resources” I have Internet but no VPN.
Anyone can help me how to allow simultaneous Internet connection?