I was setting up SSTP VPN on Windows Server 2016 at home using this tutorial.
This works using a LAN client with Windows 10. The eventlog on the client shows:
The user xxx has established a connection with VPN SSTP using the device VPN4-1. (translated)
Using the same client via WAN (mobile connection / other location) I get the following message in the GUI:
Can not connect to VPN SSTP. The remote connection was not established due to VPN tunneling errors The VPN server may not be available. If an L2TP / IPsec tunnel is used for the connection, the security parameters required for IPsec negotiation may not be configured properly.
In the eventlog I get:
A certificate chain was processed, but ended with a root certificate, which is not considered trustworthy by the trust provider.
As explained in the tutorial I added the certificate I got via http://SERVER/certsrv to the "Trusted Root Certification Authorities". How would you narrow down the error?