Hello,
I've tested the Azure Point to Site VPN and would like to configure a server (Windows 2012) on my own infrastructure to allow the same connection mode (SSTP and certificate-based authentication). I'm not an IT guy and I'm a little bit lost in all the RRAS and NPS configuration.
So far I've managed to do the following:
- Create a self-signed certificate to act as my trusted root (the one you upload on Azure)
- Create a self-signed certificate for SSTP (sstp.mydomain.com)
- Install VPN with RRAS
- Configure RRAS to use my certificate for SSTP
- Configure RRAS to use EAP
- Configure NPS to use PEAP and Secure Password (EAP-MSCHAP v2)
- Create a Client Connection using CMAK which registers the SSTP certificate and adds routes.
This works and I can install the connection on a client computer and connect to the VPN using a login/password and have my routes added and working.
Now my problem is how to configure RRAS or NPS so that I can use certificates generated using my trusted root as an authentication mechanism? If anyone has a step-by-step guide for newbies including prerequisites it would be great :)
Thanks,
Guillaume Rouchon - MVP VisualStudio ALM - Blog (FR) : http://blog.qetza.net - Blog (EN) : http://blog.qetza.net/en/