Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the google-analytics-dashboard-for-wp domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in C:\inetpub\vhosts\gck.org.uk\httpdocs\c7solutions\wp-includes\functions.php on line 6114
SSPT RRAS VPN with Wildcard Certificate–Client Issues – Brian Reid – Microsoft 365 Subject Matter Expert

SSPT RRAS VPN with Wildcard Certificate–Client Issues


If you set up an SSTP VPN on Windows RRAS server and are using a wildcard certificate, there are client settings to fix before the client can connect.

If you run the Windows 10 client through the default setup for a VPN you get the following error.

image

This reads “The remove access connection completed, but authentication failed because the certificate on the server computer does not have a server name specified”

Note that this blog is based on 1709, so the steps are slight different than earlier builds as more of the settings have moved to the modern settings dialogs.

Right click the network/wifi icon on the task bar and choose “Open Network  Internet Settings” (with two spaces in the middle – oops, UI bug)

image

This shows the following dialog in Windows 10 RS3 (1709). If on an earlier build you are now on the old style network settings, which is where we are heading anyway

image

Click Status

image

Click Change adapter options

This is the classic Windows networking screen from a number of versions of Windows

Right-click the network connection for the VPN you are having an issue with and choose Properties

image

Change to the Security tab

Then change your settings as shown below:

image

Data encryption: Require encryption

Authentication: Use Extensible Authentication Protocol (EAP): Microsoft Secured password (EAP-MSCHAP v2) (…)

And finally if your machine is a member of the domain that you are signing into, click properties and check the only option here


Posted

in

, ,

by

Tags:

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.