Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
697
Views
0
Helpful
1
Replies

SSTP and DUO: certificate error

Exonix1
Level 1
Level 1

‎11-11-2016 02:31 AM

Hi,
i deployed Duo for the RRAS. Works very well with L2TP\IPSec VPN.
But, SSTP VPN doesn’t work. A user can connect only for 1 sec and disconnect immediately.
On NPS server (Windows Radius) i see successful authentication.
On Duo Proxy server i see successful authentication.
On VPN server i don’t see any logs about this connection.
On client Windows 10 i see certificate error:

Log Name:      System
    Source:        Microsoft-Windows-RasSstp
    Date:          10.11.2016 18:04:43
    Event ID:      6
    Task Category: None
    Level:         Error
    Keywords:      Classic
    User:          N/A
    Computer:      WIN10-1.corp.domain.ru
    Description:
    CoId={9DDF738A-A701-4EBA-9C5E-032C4C1957C4}:The SSTP-based VPN connection to the remote access server was terminated because of a security check failure. Security settings on the remote access server do not match settings on this computer. Contact the system administrator of the remote access server and relay the following information:

    SHA1 Certificate Hash: 524FF41B415A8BA5DF94B258FB0EC9300FCB2ECE
    SHA256 Certificate Hash: D53688670804038199FF8826FD49CBFBC5CC4CFEAD98C23FB4BB547BD6E669E1
    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
      <System>
        <Provider Name="Microsoft-Windows-RasSstp" Guid="{6c260f2c-049a-43d8-bf4d-d350a4e6611a}" EventSourceName="RasSstp" />
        <EventID Qualifiers="0">6</EventID>
        <Version>0</Version>
        <Level>2</Level>
        <Task>0</Task>
        <Opcode>0</Opcode>
        <Keywords>0x80000000000000</Keywords>
        <TimeCreated SystemTime="2016-11-10T17:04:43.343656100Z" />
        <EventRecordID>3297</EventRecordID>
        <Correlation />
        <Execution ProcessID="0" ThreadID="0" />
        <Channel>System</Channel>
        <Computer>WIN10-1.corp.domain.ru</Computer>
        <Security />
      </System>
      <EventData>
        <Data Name="CoId">{9DDF738A-A701-4EBA-9C5E-032C4C1957C4}</Data>
        <Data Name="SHA1 Certificate Hash">524FF41B415A8BA5DF94B258FB0EC9300FCB2ECE</Data>
        <Data Name="SHA256 Certificate Hash">D53688670804038199FF8826FD49CBFBC5CC4CFEAD98C23FB4BB547BD6E669E1</Data>
      </EventData>
    </Event>

what is wrong? Does Duo replace a certificate?

0 Helpful
1 Reply 1

Dooley
Level 3
Level 3

‎11-11-2016 06:24 AM

Hi Aleks,

Please contact our Support Team so they can troubleshoot this issue with you.

Thanks,
Andrew

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Quick Links
     
                  Duo Release Notes   Duo Discussion Forums      
 
 
Customers Also Viewed These Support Documents