SSTP working then I put it under Hyper-V

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
Bob Bertrand
Posts: 10
Joined: Sun Jul 31, 2022 9:40 pm

SSTP working then I put it under Hyper-V

Post by Bob Bertrand » Mon May 29, 2023 11:53 pm

Original config

Machine 1 SoftEther running on Windows 10 using SSTP only, local bridge and using a current Let's Encrypt certificate (real not self signed)
Machine 2 same LAN as Machine 1 - pfSense (Router software) running on FreeBSD
I come into Softether either from LAN or WAN using Windows built in SSTP client - it gets Softether/Let's Encrypt cert - everything is fine.

Without changing anything on Machine 1, I change Machine 2:

Windows 10 with Hyper-V
Same pfSense but now running as a virtual machine under Hyper-V
pfSense configured same as before (i.e. forward port 443 to Machine 1)
No matter which system I try to connect from, LAN or WAN, all clients get an error message immediately that the certificate is invalid (again, nothing changed on Machine 1 where Softether is running), same cert.

I switched back to running pfSense in a real machine and the certificate is ok.

What could be causing the certificate to appear invalid when going thru Hyper-V? I can share any info you believe would be helpful - I am at a loss to even know where to start to debug this.

Hyper-V and pfSense are both running w/o issue. This is the only problem I've encountered.

Thanks everyone.

Bob Bertrand
Posts: 10
Joined: Sun Jul 31, 2022 9:40 pm

Re: SSTP working then I put it under Hyper-V

Post by Bob Bertrand » Tue May 30, 2023 4:23 pm

I found the problem - on the VM Hyper-V implementation, pfSense uses HTTPS for ITS interface so even though I had a port forwarding rule to forward 443 to SoftEther, pfSense gets priority and forwards 443 to its mgmt interface which is a self signed cert which of course fails. I changed it to HTTP and put it on another port and all works.

Thought I'd share.

Post Reply