Event ID 4 — RRAS Secure Socket Tunneling Protocol
Applies To: Windows Server 2008 R2
.jpg)
Secure Socket Tunneling Protocol (SSTP) is a new form of virtual private networking (VPN) tunnel with features that allow traffic to pass through firewalls that block PPTP and L2TP/IPsec traffic. SSTP provides a mechanism to encapsulate Point-to-Point (PPP) traffic over the Secure Sockets Layer (SSL) channel of the HTTPS protocol. The use of HTTPS means traffic will flow through TCP port 443, a port commonly used for Web access.
Event Details
| Product: | Windows Operating System |
| ID: | 4 |
| Source: | Microsoft-Windows-RasSstp |
| Version: | 6.1 |
| Symbolic Name: | SSTPSVC_LOG_CLIENT_BAD_RESPONSE |
| Message: | The server has refused the Secure Socket Tunneling Protocol (SSTP) request. Either a failure response code or no response code was received. The data portion below contains the response code that was received from the server. This is the HTTP status code present in the response. It can be because the web proxy or the SSTP server might be rejecting the connection, the server might not be configured for SSTP or the server might not have a port available for connection. |
Resolve
Check the HTTP status code
The resolution steps vary, according to the HTTP status code.
The only status code that the SSTP service on the client will respond for a failure is HTTP_STATUS_PROXY_AUTH_REQ (Proxy authentication required). An Access Denied message will appear in the dialer user interface on the client computer. Configure the proxy server so that it does not prompt for authentication.
For all other HTTP status codes, review the definition of the HTTP status code. For a list of HTTP status codes, see https://go.microsoft.com/fwlink/?LinkID=82289.
If the Web proxy or the SSTP server is rejecting the connection, the server might not be configured to use SSTP. To check whether the Web proxy server is configured to block the connection to the SSTP URL, try the following link: https://%3cservername%3e/sra_%7BBA195980-CD49-458b-9E23-C84EE0ADCD75%7D/
Verify
To verify that the remote access server can accept connections, establish a remote access connection from a client computer.
To create a VPN connection:
- Click Start, and then click Control Panel.
- Click Network and Internet, click Network and Sharing Center, and then click Set up a connection or network.
- Click Connect to a workplace, and then click Next.
- Complete the steps in the Connect to a Workplace wizard.
To connect to a remote access server:
- In Network and Sharing Center, click Manage network connections.
- Double-click the VPN connection, and then click Connect.
- Verify that the connection was established successfully.