SSTP - Windows to RB2011
Hi All, Sorry for that last one - case of typing in the wrong window... Trying to get a SSTP connection between Windows 10 and a Mikrotik RB2011 working, with little to no success. The Mikrotik is configured to listen on port 993 (using port 443 for something else already). I can see attempts coming in, but have been unable to get any useful debugging output. The client is currently connected via Telstra 4G... Has anyone got this working? I know there's other supported VPN protocols, but SSTP looks to be the one best suited to working behind various firewalls & proxies. Cheers. 2016-04-05 20:36 GMT+10:00 Purdon, Bob <bobp@purdon.id.au>:
Hi All,
/sys
Hi Bob, I have had no issues getting L2TP/IPSEC working from Windows on a Telstra 4G widget to my 2011 which is on a dynamic IP (by using the IP->Cloud dynamic DNS service). Jason On 5 April 2016 at 20:39, Purdon, Bob <bobp@purdon.id.au> wrote:
Hi All,
Sorry for that last one - case of typing in the wrong window...
Trying to get a SSTP connection between Windows 10 and a Mikrotik RB2011 working, with little to no success.
The Mikrotik is configured to listen on port 993 (using port 443 for something else already). I can see attempts coming in, but have been unable to get any useful debugging output. The client is currently connected via Telstra 4G...
Has anyone got this working? I know there's other supported VPN protocols, but SSTP looks to be the one best suited to working behind various firewalls & proxies.
Cheers.
2016-04-05 20:36 GMT+10:00 Purdon, Bob <bobp@purdon.id.au>:
Hi All,
/sys
_______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com.au
--
I have had no issues getting L2TP/IPSEC working from Windows on a Telstra 4G widget to my 2011 which is on a dynamic IP (by using the IP->Cloud dynamic DNS service).
Thanks Jason - in this case the Telstra 4G is just while I'm testing here at home - but in practice I could be connected to and behind pretty much anything. At the moment I tend to ssh into a host at home (that listens on a few different ports) and tunnel over that connection, but would be much more convenient to just bring up a VPN connection.
Yep i agree. IPSec over L2TP is the go. There are some pretty good tutorials around - I found these the best, although I still had to tweak some settings to get it to work 100%. http://www.firstdigest.com/2015/01/mikrotik-l2tp-with-ipsec-for-mobile-clien... https://www.nasa-security.net/mikrotik/mikrotik-l2tp-with-ipsec/ If you still have problems getting it to work I actually created a word doc which I can send you on the exact process I used. Cheers Ben On 6 Apr 2016 06:13, "Jason Hecker (Up & Running Tech)" < jason@upandrunningtech.com.au> wrote:
Hi Bob,
I have had no issues getting L2TP/IPSEC working from Windows on a Telstra 4G widget to my 2011 which is on a dynamic IP (by using the IP->Cloud dynamic DNS service).
Jason
On 5 April 2016 at 20:39, Purdon, Bob <bobp@purdon.id.au> wrote:
Hi All,
Sorry for that last one - case of typing in the wrong window...
Trying to get a SSTP connection between Windows 10 and a Mikrotik RB2011 working, with little to no success.
The Mikrotik is configured to listen on port 993 (using port 443 for something else already). I can see attempts coming in, but have been unable to get any useful debugging output. The client is currently connected via Telstra 4G...
Has anyone got this working? I know there's other supported VPN protocols, but SSTP looks to be the one best suited to working behind various firewalls & proxies.
Cheers.
2016-04-05 20:36 GMT+10:00 Purdon, Bob <bobp@purdon.id.au>:
Hi All,
/sys
_______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com.au
-- _______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com.au
Yep i agree. IPSec over L2TP is the go.
How well does that work from behind various firewalls? (I've not tried, so I don't know)
If you still have problems getting it to work I actually created a word doc which I can send you on the exact process I used.
That'd be awesome if you could - I do have SSTP working, but it's still early days and I'm not adverse to exploring better solutions :-) Cheers.
participants (3)
-
Ben Jackson -
Jason Hecker (Up & Running Tech) -
Purdon, Bob