If you are following the miniseries so far, you are now in a position get your clients connecting to the new SSTP Server. One of the main limitations of Group Policy is its inability to distribute VPN configurations to clients, but with the launch of System Center 2012 R2 Configuration Manager, this shortfall has finally been addressed. In this post, I will guide you through the steps to manually configure an SSTP client. You can, of course, modify these steps for your specific purposes, but the basic concepts will not deviate too much.
Need to catch up? Check out our first article in the series, in which we introduced the objectives and architecture of Remote Network Access. In part two, we began the process of installing and configuring the SSTP servers to support and implement our client’s VPN Connection.
Only Windows 7 and newer clients support tunnels in SSTP. You will need to repeat the steps on each client computer that will be connecting to the SSTP server
The wizard will now complete, and your new profile will be generated. However, before we can make good use of the profile, we do need to apply some changes as the default settings are not secure enough for our requirements.
At this stage we should now be able to verify that everything has worked to plan, and test a VPN connection from our clients to the VPN service. If you have problems with the service at this point, take a look back at each step and ensure that we have all the components in place. Also refer to the logs available on the clients’ NPS and RRAS servers to determine where the challenges are sourced from.
Once the solution is online and working we will take the configuration a step further and enable Network Access Protection support, which will allow us to ensure that users are maintaining their computers and that we can safely trust the devices connecting to our network. Looking forward to next time!