DefinIT

Configuring SSTP VPN connections to Threat Management Gateway 2010

TMG2010SSTP or SSL VPN connections are great for people working on client sites or behind very restrictive firewalls – they only require HTTPS (port 443) to be open to be able to connect. Unfortunately, you need to be running Windows 7 or Server 2008 (or newer) in order to make use of them. Threat Management Gateway 2010 is one option for an SSL VPN endpoint.

SSTP VPN Requirements

  • Clients must be Windows 7/Server 2008 or newer
  • Certificate – either commercial or an internal Certificate Authority
  • Published CRL – SSTP clients check for the Certificate Revocation List of the CA
  • If you already have an SSL listener (e.g. for Exchange publishing rules) then you need a dedicated IP address for the SSTP connection

(more…)