Michael Berend

Windows 10 SSTP VPN connection to SoftEther VPN server registers WAN IP rather than client's host name in DNS

I am using the following setup:
1. VPN Server reachable at public IP with SoftEther VPN-Server installed on Debian (listening on port 443)
2. BIND9 and DHCP server installed on Debian
3. Client
  - OS: Windows 10 1803
  - Ethernet NIC with guest internet (allowing ports 80 and 443 outgoing)
    . gets through DHCP an internal IP address 192.168.2.149 by the connected Fritz!box at 192.168.2.1
    . the Fritz!box WAN IP is 87.123.236.76 which resolves to i577bec4c.versanet.de
  - The certificate exported from above server has been imported into Local Computer under Root Certificates
  - Configured Windows SSTP VPN-Client
  - host name is "MyClient"

Issue:
- I can successfully connect the SSTP VPN-Client to the VPN-Server
- The VPN adapter is in connected state with properly assigned IP, netmask, gateway and DNS (like intended by the backend)
- the only issue is that the DNS registration of my host is NOT the expected "MyClient.psv.local" (as it correctly does with L2TP connection)
- instead it registers the WAN IP 87.123.236.76 (or sometimes its resolved FQDN i577bec4c.versanet.de) of the ethernet adapter
- I disabled IPv6 on both LAN and VPN adapters, checked "register IP address in DNS" on VPN adapter

I really need the SSTP to work properly, since it is the only way of connecting over TCP 443.
Cannot use SoftEther Client or OpenVPN, because they conflict with the Qbik Wingate soft I installed for internet connection sharing.

Any help would be greatly appreciated.


8/22/2022 - Mon
Qlemo

And why do you need to have a DNS entry for your client? Usually you just leave it to the server to register dial-in IPs. Or maybe the server side registration is working that way - and causing this issue.
Your client does not keep your WAN IP anywhere, so I have no clue where it should come from if not from the server...
ArneLovius

Just because one VPN server registers the client name in DNS does not mean that other VPN server solutions do the same.

If you have a fritzbox running NAT, what do you need wingate for?
ASKER CERTIFIED SOLUTION
Michael Berend
