1

I have set up a VPN server with Server 2k12, and I have set it up behind a NAT, and external/remote clients can connect via PPTP just fine. I was having issues with L2TP, but I further read that L2TP has issues when the server is behind a NAT (if this is not entirely true, I would like to know how to get L2TP working as well). So now I am trying to set up SSTP for Windows clients.

I already attained a legit certificate with COMODO and got it imported onto my server through IIS. I created the request and then completed it with the response I got from COMODO, and I configured my VPN server to use that certificate. All ports are forwarded for L2TP, PPTP, IPSec, HTTPS (443 for SSTP). But I am unable to connect even from a client in the same network as the server. Because of that I marked off a firewall issue as being a possibility.

The error I get on Windows 10 is "the remote server is not responding in a timely fashion".

I have tried to change authentication settings on the client side, but that has had no effect. I have also reviewed multiple tutorials on how to set up SSTP, and even with the exact settings I still can't connect from either a local client or a remote client.

I followed these tutorials:

Setup an SSTP SSL VPN in Windows Server 2012 R2

How to setup an SSTP VPN server with Windows Server

I'm fairly new to VPNs, so I have just gone with my gut on changing client settings, hoping it would connect. From what I can say, the protocols are allowed through the server's firewall and also from the client and home router. I'm not sure where it's failing. I'm thinking it could be my certificate? Perhaps I bought the wrong one?

Much help appreciated!

xR34P3Rx
  • What ports do you have open on the firewall(s) between the internet and your VPN Server? – Drifter104 Oct 06 '16 at 19:00
  • These are the only ports I have open at the moment. I forwarded 443 to the server since it's SSTP. http://windowsitpro.com/networking/which-ports-do-you-need-open-firewall-allow-pptp-and-l2tp-over-ipsec-vpn-tunnels – xR34P3Rx Oct 06 '16 at 19:26
  • Run `netstat -aon | find /i "443"` on the server and see if anything is listening on 443. If there is, check the PID to find out what process is listening on 443. – Drifter104 Oct 07 '16 at 08:36
  • OK, I was busy this weekend but now I am able to continue with this. I ran the command and it is listening. It says `tcp 0.0.0.0:443 0.0.0.0:0 LISTENING 4` and the process listening, given by the PID, is `System` – xR34P3Rx Oct 10 '16 at 13:20
  • OK, so if you browse to the external IP of the server you should get a 404 page. Do you? Or do you get a different error code? – Drifter104 Oct 10 '16 at 13:37
  • It took me to the default IIS webpage, so I disabled the default page and of course it failed to connect. – xR34P3Rx Oct 10 '16 at 15:11
  • Failed to connect so a 5xx error or a 404 error. If you got a 5xx error it is more than likely a problem with the VPN service. – Drifter104 Oct 10 '16 at 15:46
  • I just made sure the default page was turned off and not running and tried reconnecting to myself and it brought up the default IIS page this time. Again, the default website is turned off in IIS. – xR34P3Rx Oct 10 '16 at 16:33
  • OK, this time I tried with HTTPS and it showed the certificate error and I clicked to proceed. This time it came up with the 404. – xR34P3Rx Oct 10 '16 at 16:36

1 Answer

0

So after doing more troubleshooting with IIS and my VPN server, I removed a self-signed certificate I made before, and after I did that I got an error message when going to Routing and Remote Access saying that the certificate I was using does not exist, meaning my server, for some reason after changing, selected the SS certificate instead of the one I bought. I set the certificate to the correct one and restarted the service. I tried to connect with my client and it worked just fine.

Hope this helps anyone else in the future.

xR34P3Rx
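
The check the answer arrives at, written out as an added example that is not part of the original post: it shows which certificate Routing and Remote Access has selected for SSTP, whether that certificate is self-signed, and which CA-issued certificates in the machine store could replace it. The host name `vpn.example.com` is a placeholder assumption, and the helper `Test-SelfSigned` is defined here for illustration.

```powershell
# Added example: find out which certificate SSTP is using and whether it
# is a self-signed one instead of the purchased certificate.
Import-Module RemoteAccess

# Assumption: placeholder for the host name on the purchased certificate.
$ExpectedName = 'vpn.example.com'

function Test-SelfSigned($Cert) {
    # A self-signed certificate names itself as its issuer.
    return $Cert.Subject -eq $Cert.Issuer
}

# Certificate currently selected for SSTP in Routing and Remote Access.
$bound = (Get-RemoteAccess).SslCertificate
if ($null -eq $bound) {
    Write-Warning 'No SSTP certificate is selected.'
} else {
    '{0}  {1}  self-signed={2}' -f $bound.Thumbprint, $bound.Subject, (Test-SelfSigned $bound)
}

# Usable replacements in the machine store: private key present, inside
# the validity period, issued by a CA, subject containing the expected name.
$now = Get-Date
$candidates = @(Get-ChildItem Cert:\LocalMachine\My | Where-Object {
    $_.HasPrivateKey -and
    $_.NotBefore -le $now -and $_.NotAfter -gt $now -and
    -not (Test-SelfSigned $_) -and
    $_.Subject -like "*CN=$ExpectedName*"
})
$candidates | Format-Table Thumbprint, Subject, Issuer, NotAfter -AutoSize

# HTTP.sys bindings (the System process listening on 443); the certificate
# hash shown for port 443 should equal the purchased certificate's thumbprint.
netsh http show sslcert

if ($bound -and $candidates.Count -gt 0 -and
    ($candidates.Thumbprint -notcontains $bound.Thumbprint)) {
    Write-Warning 'SSTP is bound to a different certificate than the CA-issued one.'
    # Fix as described in the answer: select the right certificate, then
    # restart the service. Uncomment after confirming the thumbprint.
    # Set-RemoteAccess -SslCertificate $candidates[0]
    # Restart-Service RemoteAccess
}
```

Run it in an elevated PowerShell session on the VPN server.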