Ultimate Guide How to Make SSTP VPN Server on Mikrotik

This post will discuss in detail How to Make SSTP VPN Server on Mikrotik.

SSTP (Secure Socket Tunneling Protocol) is a form of VPN (Virtual Private Network) that uses TLS 1.0 channel and runs on TCP port 443 (SSL) protocol. In order to use SSTP with optimal security, we must add an SSL certificate for the connection between Server and Client. This makes SSTP VPN more secure (secure) than PPTP VPN.

However, if the Server and Client are both using Mikrotik RouterOS version 5.0beta and above, then you can also not use an SSL certificate. The use of an SSL certificate is required to connect to non-Mirotik clients, for example using a Windows OS PC/Laptop.

In this Mikrotik tutorial, we will discuss how to create an SSTP VPN server on Mikrotik and connect it to a client that also uses Mikrotik. OK, let’s get started.

How to Make SSTP VPN Server on Mikrotik

1. Login to Mikrotik which will be used as SSTP VPN Server via Winbox Mikrotik.

2. Enable SSTP VPN Server by going to the PPP menu –> Interface tab click SSTP Server –> Check the Enabled option

How to Make SSTP VPN Server on Mikrotik
How to Make SSTP VPN Server on Mikrotik

3. Pay attention to the Default Profile option. Select the Profile to be used. Here I use the Profile that I created by using the IP Pool.

4. Also pay attention to the Authentication option. Just select mschap2, otherwise uncheck it. This is done to force the SSTP Server to use the mschap2 protocol only in the authentication process so that it is more secure and will make it easier for us later when setting up the Windows client. Click OK.

5. Create the SSTP VPN user. Go to the Secret tab and add the user. Don’t forget to use the same Profile as on the SSTP Server.

SSTP VPN User Mikrotik

6. Until here the Mikrotik SSTP VPN Server has been successfully activated. Next we set the Mikrotik SSTP VPN Client

How to Set SSTP VPN Client on Mikrotik

1. Login to Mikotik which will be used as SSTP VPN Client.

2. Go to PPP menu –> Interface tab –> Add SSTP Client Interface –> Fill in the SSTP Interface data:

  • Connect to: IP Address or domain name of the SSTP VPN Server
  • Port: Make sure the port is 443
  • Certificate: Because this is a connection between Mikrotik, there is no need to use an SSL certificate (none)
  • User : Enter the Username that has been created on the SSTP Server
  • Password: Enter the password for the SSTP username
  • Profile : Choose the default profile
  • Allow: select mschap2
How to Set SSTP VPN Client on Mikrotik
How to Set SSTP VPN Client on Mikrotik

3. Next, we check whether the SSTP Interface can connect to the SSTP Server. Make sure there is an R (Running) sign on the SSTP client interface and Status: connected.

SSTP success connect to client

4. If the Mikrotik SSTP Client has successfully connected to the SSTP Server, then on the PPP menu -> Interface on the SSTP Server a new dynamic SSTP interface will appear with the D (Dynamic) and R (Running) marks and Status: connected.

SSTP connect to Server

So far, Mikrotik has been connected to each other using the SSTP VPN Tunnel. For Setting SSTP VPN Client on Windows we will discuss in the next article.

Top Posts

Author

  • kizaru

    Hi! I’m Kizaru. I grew up addicted to different Gadget & Computer Accessories. I began working as an IT Support Supervisor in Hospitality company years ago and realized my passion for Computer & Gadget Accessories. Digiva.net is a place for me to share my different findings and experiences about Computer & Gadget Accessories. For more information, Check Out My About Me Page!