Event ID 4 — RRAS Secure Socket Tunneling Protocol

Updated: November 29, 2007

Applies To: Windows Server 2008

red

Secure Socket Tunneling Protocol (SSTP) is a new form of virtual private networking (VPN) tunnel with features that allow traffic to pass through firewalls that block PPTP and L2TP/IPsec traffic. SSTP provides a mechanism to encapsulate Point-to-Point (PPP) traffic over the Secure Sockets Layer (SSL) channel of the HTTPS protocol. The use of HTTPS means traffic will flow through TCP port 443, a port commonly used for Web access.

Event Details

Product: Windows Operating System
ID: 4
Source: Microsoft-Windows-RasSstp
Version: 6.0
Symbolic Name: SSTPSVC_LOG_CLIENT_BAD_RESPONSE
Message: The server has refused the Secure Socket Tunneling Protocol (SSTP) request. Either a failure response code or no response code was received. The data portion below contains the response code that was received from the server. This is the HTTP status code present in the response. It can be because the web proxy or the SSTP server might be rejecting the connection, the server might not be configured for SSTP or the server might not have a port available for connection.

Resolve

Check the HTTP status code

The resolution steps vary, according to the HTTP status code.

The only status code that the SSTP service on the client will respond for a failure is HTTP_STATUS_PROXY_AUTH_REQ (Proxy authentication required). An Access Denied message will appear in the dialer user interface on the client computer. Configure the proxy server so that it does not prompt for authentication.

For all other HTTP status codes, review the definition of the HTTP status code. For a list of HTTP status codes, see http://go.microsoft.com/fwlink/?LinkID=82289.

If the Web proxy or the SSTP server is rejecting the connection, the server might not be configured to use SSTP. To check whether the Web proxy server is configured to block the connection to the SSTP URL, try the following link: https://%3cservername%3e/sra_%7BBA195980-CD49-458b-9E23-C84EE0ADCD75%7D/

Verify

To verify that the remote access server can accept connections, establish a remote access connection from a client computer.

To create a VPN connection:

  1. Click Start, and then click Control Panel.
  2. Click Network and Internet, click Network and Sharing Center, and then click Set up a connection or network.
  3. Click Connect to a workplace, and then click Next.
  4. Complete the steps in the Connect to a Workplace wizard.

To connect to a remote access server:

  1. In Network and Sharing Center, click Manage network connections.
  2. Double-click the VPN connection, and then click Connect.
  3. Verify that the connection was established successfully.

Related Management Information

RRAS Secure Socket Tunneling Protocol

Routing and Remote Access Service Infrastructure

Community Additions

ADD
Show: