Link to home
Create AccountLog in
Avatar of Michael Berend
Michael BerendFlag for Germany

asked on

Windows 10 SSTP VPN connection to SoftEther VPN server registers WAN IP rather than client's host name in DNS

I am using the following setup:
1. VPN Server reachable at public IP with SoftEther VPN-Server installed on Debian (listening on port 443)
2. BIND9 and DHCP server installed on Debian
3. Client
  - OS: Windows 10 1803
  - Ethernet NIC with guest internet (allowing ports 80 and 443 outgoing)
    . gets through DHCP an internal IP address 192.168.2.149 by the connected Fritz!box at 192.168.2.1
    . the Fritz!box WAN IP is 87.123.236.76 which resolves in i577bec4c.versanet.de
  - The certificate exported from above server has been imported into Local Computer under Root Certificates
  - Configured Windows SSTP VPN-Client
  - host name is "MyClient"

Issue:
- I can successfully connect the SSTP VPN-Client to the VPN-Server
- The VPN adapter is in connected state with properly assigned IP, netmask, gateway and DNS (like intended by the backend)
- the only issue is, that the DNS registration of my host is NOT the expected "MyClient.psv.local" (as it correctly does with L2TP connection)
- instead it registers the WAN IP 87.123.236.76 (or sometimes its resolved FQDN i577bec4c.versanet.de ) of the ethernet adapter
- I disabled IPv6 on both LAN and VPN adapters, checked "register IP address in DNS" on VPN adapter

I really need the SSTP to work properly, since it is the only way of connecting over TCP 443.
Cannot use SoftEther Client or OpenVPN,because they conflict with the Qbik Wingate soft I installed for internet connection sharing.

Any help would be greatly appreciated.
Avatar of Qlemo
Qlemo
Flag of Germany image

And why do you need to have a DNS entry for your client? Usually you just leave it to the server to register dial-in IPs. Or maybe the server side registration is working that way - and causing this issue.
Your client does not keep your WAN IP anywhere, so I have no clue where it should come from if not from the server...
Just because one VPN server registers the client name in DNS, does not mean that other VPN server solution do the same.

If you have a fritzbox running NAT, what do you need wingate for ?
ASKER CERTIFIED SOLUTION
Avatar of Michael Berend
Michael Berend
Flag of Germany image

Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account