Establishing an SSTP connection using the Windows VPN client

by Shijaz Abdulla on 05.04.2010 at 20:25

I was chatting with Tom Shinder this evening when he started an interesting discussion on setting up a Windows VPN connection to use SSTP to connect to the corporate network via Forefront Unified Access Gateway (UAG). This would allow Windows 7 users to connect via SSTP without having to log in to the UAG portal.

So far, we’ve seen it only being done on the UAG Portal – where the user has to log in to the UAG portal and open the Remote Network Access application.

So I fired up my UAG lab VMs to see if this is do-able – and we were successful in getting it to work! Here’s how we did it.


  1. Open the user’s properties in Active Directory Users & Computers. On the Dial-in tab, choose Allow Access under Network Access Permission. Alternatively, you can configure the NPS Network policy accordingly.


  2. On the Windows 7 client machine, create a new VPN connection. (Hint: Network & Sharing Centre –> Set up a new connection or network –> Connect to workplace)
  3. For the newly created connection, set the connection properties as below. The host name will be the same that’s configured on your UAG trunk.


  4. On the Security tab of the VPN connection properties, set the Type of VPN as Secure Socket Tunneling Protocol (SSTP). Select the option to automatically use te Windows logon name and password.


  5. You’re good to go. Make that connection! 🙂