http://blogs.technet.com/b/rrasblog/archive/2007/01/10/how-sstp-based-vpn-connection-works.aspxIn this blog, I will explain how SSTP based VPN tunnel works - i.e. the data flow during VPN connection coming up and how data transfer occurs. The flow to get VPN connection up looks like: 1) Client gets Internet connectivity and then establishesen-USTelligent Evolution Platform Developer Build (Build: 5.6.50428.7875)http://blogs.technet.com/b/rrasblog/archive/2007/01/10/how-sstp-based-vpn-connection-works.aspx#3252660Tue, 09 Jun 2009 22:12:21 GMTd5e57398-b9ef-4490-9955-07cbb4e4a80d:3252660Forefront TMG (ISA Server) Product Team Blog<p>Hi Everyone: Our third and final planned beta is upon us and I am proud to announce that Forefront TMG</p> <img src="http://blogs.technet.com/aggbug.aspx?PostID=3252660" width="1" height="1">http://blogs.technet.com/b/rrasblog/archive/2007/01/10/how-sstp-based-vpn-connection-works.aspx#1956602Fri, 14 Sep 2007 18:09:08 GMTd5e57398-b9ef-4490-9955-07cbb4e4a80d:19566022005 east texas high school football schedules<p>2005 east texas high school football schedules</p> <img src="http://blogs.technet.com/aggbug.aspx?PostID=1956602" width="1" height="1">http://blogs.technet.com/b/rrasblog/archive/2007/01/10/how-sstp-based-vpn-connection-works.aspx#608067Thu, 25 Jan 2007 07:59:18 GMTd5e57398-b9ef-4490-9955-07cbb4e4a80d:608067rrasblog<p>Que: Haven't seen any specs yet, but it would be preferrable to have the connection reference appear as any (yet another <a rel="nofollow" target="_new" href="https://server.some.net/sstpservice">https://server.some.net/sstpservice</a>) URI to client and it would also make sure the web server portion is general HTTP/1.1 compliant with virtualhost -feauters etc. all functioning would be *very* convinient. The second, or is it third already, issue that pops in my mind is to make sure AAA hooks to infrastructure behind is flexible enough, a layered solution like EAP perhaps. (Just remember to include both TTLS &amp; TLS too, only PEAP as CHAP bound is crap for anyone not having _ALL_ their passwords in AD).</p> <p>Ans: Yes it will be HTTP1.1 compliant. The SSTP URI will be something fixed (<a rel="nofollow" target="_new" href="https://server.some.net//sra_">https://server.some.net//sra_</a>{BA195980-CD49-458b-9E23-C84EE0ADCD75}/).</p> <p>Yes - the AAA infrastructure will be flexible and same as RRAS. i.e. you can &nbsp;use &nbsp;radius server for doing AAA with same PPP authentication algorithms (like MSCHAPv2, EAP, PEAP with different inner EAP methods etc).</p><div style="clear:both;"></div><img src="http://blogs.technet.com/aggbug.aspx?PostID=608067" width="1" height="1">http://blogs.technet.com/b/rrasblog/archive/2007/01/10/how-sstp-based-vpn-connection-works.aspx#607839Thu, 25 Jan 2007 02:02:46 GMTd5e57398-b9ef-4490-9955-07cbb4e4a80d:607839CK<p>Please, please, please strongly consider submitting this to be formally standardized. &nbsp;We don't need another PPTP, L2TP, or Yet Another Proprietary SSL VPN. &nbsp;IPsec stinks, but at least it's a standard and there is at least a chance for interoperability.</p> <div style="clear:both;"></div><img src="http://blogs.technet.com/aggbug.aspx?PostID=607839" width="1" height="1">http://blogs.technet.com/b/rrasblog/archive/2007/01/10/how-sstp-based-vpn-connection-works.aspx#605323Tue, 23 Jan 2007 02:23:49 GMTd5e57398-b9ef-4490-9955-07cbb4e4a80d:605323Network Access Protection (NAP)<p>Happy New Year to everyone! There is some exciting news being announced on the RRAS blog around a new</p> <img src="http://blogs.technet.com/aggbug.aspx?PostID=605323" width="1" height="1">http://blogs.technet.com/b/rrasblog/archive/2007/01/10/how-sstp-based-vpn-connection-works.aspx#603302Sat, 20 Jan 2007 17:53:00 GMTd5e57398-b9ef-4490-9955-07cbb4e4a80d:603302Anonymous Coward<p>Haven't seen any specs yet, but it would be preferrable to have the connection reference appear as any (yet another <a rel="nofollow" target="_new" href="https://server.some.net/sstpservice">https://server.some.net/sstpservice</a>) URI to client and it would also make sure the web server portion is general HTTP/1.1 compliant with virtualhost -feauters etc. all functioning would be *very* convinient. The second, or is it third already, issue that pops in my mind is to make sure AAA hooks to infrastructure behind is flexible enough, a layered solution like EAP perhaps. (Just remember to include both TTLS &amp; TLS too, only PEAP as CHAP bound is crap for anyone not having _ALL_ their passwords in AD).</p> <div style="clear:both;"></div><img src="http://blogs.technet.com/aggbug.aspx?PostID=603302" width="1" height="1">http://blogs.technet.com/b/rrasblog/archive/2007/01/10/how-sstp-based-vpn-connection-works.aspx#602606Sat, 20 Jan 2007 04:45:12 GMTd5e57398-b9ef-4490-9955-07cbb4e4a80d:602606Stray Thoughts<p>Microsoft is working on a remote access tunneling protocol for Vista and Longhorn Server that lets client</p> <img src="http://blogs.technet.com/aggbug.aspx?PostID=602606" width="1" height="1">http://blogs.technet.com/b/rrasblog/archive/2007/01/10/how-sstp-based-vpn-connection-works.aspx#600056Wed, 17 Jan 2007 21:03:28 GMTd5e57398-b9ef-4490-9955-07cbb4e4a80d:600056Routing and Remote Access Blog<p>In this FAQ, I will cover client specific queries of SSTP 1) How to enable SSTP based VPN connection</p> <img src="http://blogs.technet.com/aggbug.aspx?PostID=600056" width="1" height="1">