Branch Office: Using SSTP for Site-to-Site VPN on Windows Server 2008

In this post I will explain how SSTP differs from PPTP and L2TP. I will cover some of the advantages of this technology, which was released with Windows Server 2008. Finally, I will cover the basic steps to set up SSTP and provide resources for further configuration advice. The end goal is to use SSTP for a site-to-site VPN over which client computers can share resources.

Note: Certain aspects of SBS and EBS environments put them out of scope for this article; however, this article is still a good starting point for understanding the principles of SSTP and how they would apply in an SBS or EBS environment.

What is SSTP and how is it different than PPTP and L2TP:

SSTP is the Secure Socket Tunneling Protocol, a new VPN tunneling protocol supported on versions of Windows Server 2008 and Windows Vista with SP1 or greater. SSTP encapsulates PPP traffic on top of HTTPS and therefore uses port 443, a port that is commonly open and used for secure web traffic. Because SSTP uses the SSL port 443, it differs from PPTP (1723) and L2TP (1701), which are commonly screened out by firewalls and are therefore less useful. The differences do not end there. For the purpose of this article, SSTP gives administrators the opportunity to configure secure VPN solutions that are more compatible with firewalls, which transparently allow the traffic.


