Tryign to configure SSTP role on server but client won't connect with error 0x800B010F

-

have client single server (ad, dhcp, etc) sitting behind simple ant firewall.  followed sstp configuration guide , followed kb on ca setup stage:

windows vpn (sstp):

read first:

http://support.microsoft.com/kb/961880

setup guide:

http://technet.microsoft.com/en-us/library/cc731352%28ws.10%29.aspx

everything appears correct, except unable connect windows 7 station (only station have test with).

the client returns error 0x800b010f: certificate's cn name not match passed value.

i made sure install server ca cert in client's trusted ca store per guide , in frustration added in vpn certifcate (the 1 public domain name) clients private cert store well.  debugging logs did not help, nore have windows event logs (which restate same error).  i've gone far can skills , use assistance now.  verified rras service using cert public domain name (example: vpn1.public.com).  firewall forwards ports 80 , 443 server (all should required right?) , usual vpn passthrough checkboxes have been enabled.  firewall linksys e3000 (not should matter).

i followed guide close single server scenario (and watched 30 minute video same) , cannot figure out missing.  or suggestions appreciated.

hi,

thank post.

have client single server (ad, dhcp, etc) sitting behind simple ant firewall.
1. if mean server installed ad/dns , rras role, it's not recommended. sstp step-by-step guide requires 2 server dc1 , vpn1.
 
the firewall forwards ports 80 , 443 server (all should required right?) , usual vpn passthrough checkboxes have been enabled.
2. yes, require tcp port 443. configure sstp behind nat firewall, please refer kb947032.
http://support.microsoft.com/kb/947032

the client returns error 0x800b010f: certificate's cn name not match passed value.
3. please check vpn server certificate must have fqdn(vpn1.public.com) in subject name. client should use subject name(vpn1.public.com) connect sstp vpn.
http://support.microsoft.com/kb/947031
http://blogs.technet.com/b/rrasblog/archive/2009/08/12/troubleshooting-common-vpn-related-errors.aspx

if want change sstp binding certificate without run rras, please read article below:
http://support.microsoft.com/default.aspx?scid=kb;en-us;947027
http://blogs.technet.com/b/rrasblog/archive/2007/11/08/do-you-want-to-change-the-certificate-used-by-the-sstp-server-read-how.aspx

if there more inquiries on issue, please feel free let know.
 
regards,
rick tan
technet subscriber support
if technet subscription user , have feedback on our support quality, please send feedbackhere.

rick tan

technet community support




Windows Server  >  Platform Networking



Comments

Post a Comment

Popular posts from this blog

Group Policy Event ID 1058 Error Code 1326 (The user name or password is incorrect)

-
i seeing odd error on 1 of our domain controllers. have dealt event id 1058 errors whereby policy (or policies) not replicating, receiving error along error code 1326 on server, , apparently happening default domain policy: log name:      system source:        microsoft-windows-grouppolicy date:          8/10/2015 3:09:54 pm event id:      1058 task category: none level:         error keywords:      user:          s-1-5-21-1484152634-2550175353-3916092219-3287 computer:      <dc name>.<domainname> description: processing of group policy failed. windows attempted read file http://schemas.microsoft.com/win/2004/08/events/event ">   <system>     <provi...
Read more

Suspicious event log Event ID: 4905

-
hi thr, could please me understand causing such event logs generate ? as  i understand, vssvc.exe pertains volume shadow copy used backup purpose.  we have third party application used taking backup of servers. the event longs generated following messages: 1) attempt made unregister security event source. 2) attempt made register security event source. these events not regular generated on random days. standard fields: date:               2013/10/19 time:               02:32:19 importance:         critical rule name:          security event monitored machine:  <domain controller> log format:         windows log name:           security event id:           4905 in work hours:      yes dynamic fields: internal timestamp: 2013/10/19 ...
Read more

DCOM received error "2147746132" from...

-
hi everybody, i have dc (my windows essentials 2012 server) , windows 2012 server in network.  the windows server 2012 inside domain. on server, got "non stopping" error says in event logs : ===> dcom received error "2147746132" fromd computer xxxx(my dc computer) while server trying activation : {6df8cb71-153b-4c66-8fc4-e59301b8011b} it never stops, got 11000+ new events :s i found : http://support.microsoft.com/kb/971153/fr i'm not sure should ? does got idea ? matthieu. hi, please try solution mentioned in below link: http://www.eventid.net/display-eventid-10006-source-dcom-eventno-272-phase-1.htm regards, cicely Windows Server  >  Windows Server 2012 General ...
Read more