No announcement yet.

Radius Authentication for SSTP VPN Access

  • Filter
  • Time
  • Show
Clear All
new posts

  • Radius Authentication for SSTP VPN Access

    Hello team,

    Happy holidays to all. I have been trying to get SSTP vpn to work for sometime now, however, I have run into two problems.
    The first problem is if I used windows authentication I am able to connect to the vpn server but the connection is read as non nap-capable.
    The second problem is that when I tried using radius authentication (my preferred method) I am not able to connect to the vpn server, I get error 691.

    I know the certificate works and the listener port etc is OK as I have verified this.

    Here is myetwork scenarion. VPN server (2008 R2) (Domain) sits behind a firewall with the external IP address natted to the its DMZ address. External access is by its fully qualified domain name e.g.
    NPS (2008 R2 ) also acts as the HRA server.

    Notes: I have read the article done by Petri on deploying an sstp erver (part 2) but in the area to configure the "Connection Request Policy" I am not able to do the folowing because this option is not available in the CRP
    In the Conditionsarea, click the Add… button
    • From the Select condition list, select the option User Groups and click Add…
    • In the new User Groups dialog, click Add Groups and enter the name of the Active Directory group that contains the users you wish to permit access to the SSTP service. Click OK.
    Click Next.
    I need some assistance to get this working. Your help will be appreciated.