locked
VPN SSTP JOIN A COMPUTER TO A DOMAIN THROUGH VPN SSTP ?? RRS feed

  • Question

  • Yes I want to set up a VPN so my other computer not in the domain can join the domain through the VPN and if at all possible i want the VPN to be SSTP and PTTP but i got to looking I can only find that you can only do SSTP VPN when their are already in the domain. But if their are not in the domain yet how can I do SSTP to bring them to the domain ?? and if I can't use SSTP to bring them to the domain what is the next best secure thing BESIDE using PTTP which i DONT want to use if at all possible. And also I would like someone to show me how I can connect to that DOMAIN at the window log on Screen by switching using ETC ( I know how do to do it on the client computer but i dont how to set it up on the server side. I think it deal with NAP but i am not certain. So if someone could help me out it would be really helpfully and thankfully! P.S I am using Window Server 2012 Standard edition it is Domain Controller,AD,DNS,DHCP so basically it does everything on my network! and the Client i want to connected to is window 10 PRO thank you for your time have a great day!
    Thursday, November 19, 2015 9:42 PM

Answers

  • Hi Drake,

    According to your description, you want to use SSTP VPN connection to let non-domain join computers to join the domain.

    If we use SSTP to set up VPN connection, we need to enroll certificate for VPN server, on clients side, we need to have a root CA certificate of the VPN server's computer certificate. For domain joined clients, we can auto-enroll the root certificate, non-domain joined clients need to manually install the root certificate.

    Here is the article about SSTP step-by-step deployment:

    https://technet.microsoft.com/en-US/library/cc731352(v=ws.10).aspx

    Best Regards,

    Anne


    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.

    Monday, November 23, 2015 2:14 AM
  • Hi Drake

    Further to Anne's response - SSTP requires certs as she has pointed out. The other option you have is to use PPTP or L2TP (L2TP with pre-shared Key). These don't require certs. You have mentioned that you were only able to find PPTP. Can you provide more details about that? If you go to VPN advanced options, click on "Edit" (under the connection properties heading), you should be able to choose PPTP in the VPN Type drop-down.

    Aanand

    Tuesday, November 24, 2015 4:41 AM

All replies

  • Hi Drake,

    According to your description, you want to use SSTP VPN connection to let non-domain join computers to join the domain.

    If we use SSTP to set up VPN connection, we need to enroll certificate for VPN server, on clients side, we need to have a root CA certificate of the VPN server's computer certificate. For domain joined clients, we can auto-enroll the root certificate, non-domain joined clients need to manually install the root certificate.

    Here is the article about SSTP step-by-step deployment:

    https://technet.microsoft.com/en-US/library/cc731352(v=ws.10).aspx

    Best Regards,

    Anne


    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.

    Monday, November 23, 2015 2:14 AM
  • Hi Drake

    Further to Anne's response - SSTP requires certs as she has pointed out. The other option you have is to use PPTP or L2TP (L2TP with pre-shared Key). These don't require certs. You have mentioned that you were only able to find PPTP. Can you provide more details about that? If you go to VPN advanced options, click on "Edit" (under the connection properties heading), you should be able to choose PPTP in the VPN Type drop-down.

    Aanand

    Tuesday, November 24, 2015 4:41 AM
  • i got it figured out thank you 
    Thursday, December 10, 2015 6:40 AM