Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Thursday, October 20, 2011 7:01 PM
Hi guys
I was reading this Article and it says I can change SSTP port through regedit.
There are number of questions I want to know.
- I change it through regedit and I know that in the exact same place that I can change sstp port in server 2008 r2 i can do that in win7 too but after changing that the connection didn't work.
- After changing that is there any other steps I need to do?
All replies (8)
Thursday, October 20, 2011 9:37 PM
Hello,
after changing it using registry changes, you have to forward traffic to the server to the new port. This can not be done on client computers so you can use a firewall that perform such forwarding.
This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.
Microsoft Student Partner 2010 / 2011
Microsoft Certified Professional
Microsoft Certified Systems Administrator: Security
Microsoft Certified Systems Engineer: Security
Microsoft Certified Technology Specialist: Windows Server 2008 Active Directory, Configuration
Microsoft Certified Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration
Microsoft Certified Technology Specialist: Windows Server 2008 Applications Infrastructure, Configuration
Microsoft Certified Technology Specialist: Windows 7, Configuring
Microsoft Certified IT Professional: Enterprise Administrator
Microsoft Certified IT Professional: Server Administrator
Microsoft Certified Trainer
Thursday, October 20, 2011 9:46 PM
Hi again
So you mean i don't need to change registry in my windows7 and leave it in default?
Lets check if i get it right.
My server 2008 R2 with x.x.x.x IP address and 55098 port for SSTP.
I just have to set my firewall to forward all the x.x.x.x:443 to x.x.x.x:55098
Am I get it right?
Monday, October 24, 2011 8:20 AM | 1 vote
Hi SAYED,
Thanks for posting here.
I think you are right coz client will always connect to TCP port 443 for SSTP connection, so we have to enter the updated Port number of internal server on NAT device if change to use other port for SSTP on internal VPN server.
Please take look the explication in the article below:
SSTP FAQ - Part 3: Server Specific
http://blogs.technet.com/b/rrasblog/archive/2007/01/25/sstp-faq-part-3-server-specific.aspx
Have you tried that and will it works ?
Thanks.
Tiger Li
Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
Wednesday, October 26, 2011 8:34 AM
Hi Tiger
Thank you.
I read the Link that you gave and I must say unfortunately I don't have a NAT device to redirect 443 port to any other port so i don't know exactly that it's working or not.
Thursday, October 27, 2011 2:39 AM
Hi SAYED,
Thanks for update.
If this server is directly facing internet and we have modified the default service port for SSTP with following the workaround I posted previously then we may specific the new port when try to connect to VPN server on Windows client. New assigned port number should be include when input the VPN server address entry like : “ <VPN server’s internet address>:<new port number> “ in connection properties
Thanks.
Tiger Li
Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
Thursday, October 27, 2011 6:15 PM
Hi SAYED,
Thanks for update.
If this server is directly facing internet and we have modified the default service port for SSTP with following the workaround I posted previously then we may specific the new port when try to connect to VPN server on Windows client. New assigned port number should be include when input the VPN server address entry like : “ <VPN server’s internet address>:<new port number> “ in connection properties
Thanks.
Tiger Li
Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
Are you sure about this?
I just test it and it's not working. The error i got was 0x8007274C
Error 0x8007274C: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to responf
Wednesday, August 24, 2016 4:26 PM | 1 vote
Client application in Windows does not accept VPN server port (not the same as MSTSC).
But, you can do additinal port forwarding in client OS,
it will work like replacement of target port.
So, I implemented 3 steps:
1. cmd
netsh interface portproxy add v4tov4 listenport=443 connectport=[alternative port on server] connectaddress=[real server address]
2. add hosts rule, which fits certificate server name, pointing to localhost (C:\Windows\System32\drivers\etc)
127.0.0.1 vpnserver
- in connection properties you must write "vpnserver" instead of [real server address]
Friday, July 28, 2017 2:01 PM
For me it works ! You have to specify your VPN server in the properties of VPN-connection like:
myvpnserver.mydomain.com:9443 (the port you have already assigned to your RRAS/VPN server). Do not forget to add firewall exception on your RRAS/VPN server for this port !