0

I was setting up SSTP VPN on Windows Server 2016 at home using this tutorial.

This works using a LAN client with Windows 10. The eventlog on the client shows:

The user xxx has established a connection with VPN SSTP using the device VPN4-1. (translated)

Using the same client via WAN (mobile connection / other location) I get the following message in the GUI:

Can not connect to VPN SSTP. The remote connection was not established due to VPN tunneling errors The VPN server may not be available. If an L2TP / IPsec tunnel is used for the connection, the security parameters required for IPsec negotiation may not be configured properly.

In the eventlog I get:

A certificate chain was processed, but ended with a root certificate, which is not considered trustworthy by the trust provider.

As explained in the tutorial I added the certificate I got via http://SERVER/certsrv to the "Trusted Root Certification Authorities". How would you narrow down the error?

Ironori
  • 111
  • 1
  • 6
  • I'd like to help but I'm not going to watch a YouTube video to figure out what steps you took. Do you have any other guides you followed? – Appleoddity Aug 10 '17 at 03:20
  • Most likely the issue is caused by an inability to download the CRL from outside of LAN network. Seems like your CRLs are not configured to be available from WAN. – Crypt32 Aug 10 '17 at 05:32
  • And make sure if root certificate is installed in the machine store (not in current user store). – Crypt32 Aug 10 '17 at 06:05

0 Answers0