Page 1 of 1

Setting up Azure with an FQDN

Posted: Sun Jan 14, 2018 4:46 pm
by afzalb
Hi

My situation is this. I'm running SoftEther 4.24, build 9652. I've got IPSEC/L2TP working. My daughter at school can't use that, as they block the traffic. So, I setup MS-SSTP, however they also block that because the DDNS address uses a self-signed certificate.

My work around was to create a CNAME for a sub-domain of a domain I own, with an FQDN that resolves to a DDNS name that's maintained by my router. I then installed my CA signed SSL certificate in SoftEther.

But now the problem is this - my second daughter, who's in Japan, needs azure to connect as neither of the other methods worked for her. Having changed the SoftEther SSSL cert, though, azure isn't working. It fails with "The PPP link control protocol was terminated."

I'm presuming that this is related to azure trying to connect to the softether DDNS address, but failing due to the CA signed certificate taking precedence over the self-signed certificate from SoftEther.

So, is there someway to point azure to my FQDN when making it's connection, rather than the softether.net address?

Re: Setting up Azure with an FQDN

Posted: Thu Jan 18, 2018 11:25 am
by afzalb
*Bump*

Can nobody help me? Is my PPP link error due to my server having a CA issued certificate? Can I point azure to use my FQDN rather than the softether.net address?

Re: Setting up Azure with an FQDN

Posted: Thu Jan 18, 2018 12:06 pm
by afzalb
I've found that if I enable PAP that I can make a connection.

But there's no way that I want to use PAP as it's not secure.

Does anyone have an idea what's going on here?

As an aside, is it possible to enable SNI on softether?

Re: Setting up Azure with an FQDN

Posted: Thu Jan 18, 2018 6:48 pm
by qupfer
PAP would be secured through the outer SSTP layer.

Re: Setting up Azure with an FQDN

Posted: Tue Jan 23, 2018 11:20 am
by afzalb
qupfer wrote:
> PAP would be secured through the outer SSTP layer.

Interesting. I didn't know that. That makes it acceptable then.