none
Forefront TMG - SSTP Issue RRS feed

  • Question

  • Hello,

    I setted up a VPN Gateway for users remote access. Everything works very well with PPTP, but as some user encounter sometimes issues connecting that way on some Wifi public networks, some hotels, etc., I tried to implement SSTP.

    I use a SSL certificate from a public CA

    I succeed to make it work, but with a to big issues :

    1- If SSTP is enabled, PPTP doesn't work anymore. If i disable SSTP, PPTP restart to work.

    2- SSTP session won't end, even if a user disconnect or is disconnected. When he reconnect the VPN Client, it create a new session,  and max VPN session number (set to 100) is reached in 8 hours of activity, resulting in VPN client showing error message 807. Usually with PPTP, I have only 30 sessions maximum.

    Disabling SSTP, my VPN Gateway recovers full normal behaviour.

    When SSTP is enabled and PPTP doesn't work anymore, logs show the following error :

    Échec de la connexion / Connexion failed SRV-VPN-01 31/05/2012 11:59:37
    Type de journal : Service Pare-feu / Firewall service

    État : Une tentative de connexion a échoué car le parti connecté n’a pas répondu convenablement au-delà d’une certaine durée ou une connexion établie a échoué car l’hôte de connexion n’a pas répondu. / A connexion attempt failed cause the connected peer did not correctly respond before timeout or the connexion host didn't respond

    Règle : [System] Autoriser le trafic du client VPN vers Forefront TMG / Authorize trafic from VPN Client to Forefront TMG
    Source : Externe (80.214.9.141:1031)
    Destination : Hôte local (10.183.63.30:1723)
    Protocole : PPTP
    Informations supplémentaires
    • Nombre d'octets envoyés : 0 Nombre d'octets reçus : 0
    • Temps de traitement : 20998ms Adresse IP originale du client : 80.214.9.141


    I searched for such issue, but didn't succeed to find a similar case. Does somebody have an idea ?

    lundi 4 juin 2012 14:11

Réponses