{"id":82351,"date":"2008-02-13T10:16:02","date_gmt":"2008-02-13T17:16:02","guid":{"rendered":"http:\/\/infraops.wordpress.com\/?p=33"},"modified":"2022-09-26T14:00:52","modified_gmt":"2022-09-26T21:00:52","slug":"soon-access-your-vpn-from-almost-anywhere","status":"publish","type":"post","link":"https:\/\/jorgep.com\/blog\/soon-access-your-vpn-from-almost-anywhere\/","title":{"rendered":"Soon, access your VPN from almost anywhere!"},"content":{"rendered":"<p>You&#8217;re absorbing caffeine from a white cup with green letters while surfing the web on your laptop and you suddenly remember that you need something from your corporate VPN. What to do? Yes, I know you&#8217;ll try to establish VPN even if you tried it just last Thursday. You&#8217;re an optimist who believes that they just might have realized that outgoing VPN is not evil. But alas, you&#8217;ll need to head back home since airports, hotels and coffee shops notoriously block most all of the really cool protocols from working.<\/p>\n<p>Some day soon (we hope) you&#8217;ll be able stay comfy and do your work. This is all due to the upcoming Windows 2008 and Vista support of SSTP!<\/p>\n<p>The Secure Socket Tunnel Protocol is really an ingenious convergence of secure HTTP (HTTPS\/SSL) and Point-to-Point Protocol technologies. In order to make this work you&#8217;ll need a few things:<\/p>\n<ul>\n<li>Windows 2008 Server &#8211; Expected February release<\/li>\n<li>A certificate authority (This can be an internal enterprise CA)<\/li>\n<li>A firewall &#8211; My personal favorite: Microsoft ISA 2006<\/li>\n<li>Vista SP1 &#8211; Early to mid March release. There&#8217;s discussion on whether XP SP3 will add this support but the future is unclear. Check again later.<\/li>\n<\/ul>\n<p>Now, I won&#8217;t tell you that giving your road warriors this kind of freedom is going to take 15 minutes and a wizard, but there are already some great resources published to get you ready.<\/p>\n<ul>\n<li>Dr. Thomas Shinder (The smartest firewall guy I know) has published an article on ISAserver.org on how to configure ISA 2006 for SSTP access:\n<ul>\n<li><a title=\"http:\/\/www.isaserver.org\/tutorials\/Publishing-Windows-Server-2008-SSL-VPN-Server-Using-ISA-2006-Firewalls-Part1.html\" href=\"http:\/\/www.isaserver.org\/tutorials\/Publishing-Windows-Server-2008-SSL-VPN-Server-Using-ISA-2006-Firewalls-Part1.html\">http:\/\/www.isaserver.org\/tutorials\/Publishing-Windows-Server-2008-SSL-VPN-Server-Using-ISA-2006-Firewalls-Part1.html<\/a><\/li>\n<\/ul>\n<\/li>\n<li>Another Dr. Shinder article on WindowsSecurity.com. This one is a 2-part article. Part 1 is a deep-dive on the new protocol and part 2 focuses on configuring required Windows 2008 services:\n<ul>\n<li>Part 1: <a title=\"http:\/\/www.windowsecurity.com\/articles\/Configuring-Windows-Server-2008-Remote-Access-SSL-VPN-Server-Part1.html\" href=\"http:\/\/www.windowsecurity.com\/articles\/Configuring-Windows-Server-2008-Remote-Access-SSL-VPN-Server-Part1.html\">http:\/\/www.windowsecurity.com\/articles\/Configuring-Windows-Server-2008-Remote-Access-SSL-VPN-Server-Part1.html<\/a><\/li>\n<li>Part 2: <a title=\"http:\/\/www.windowsecurity.com\/articles\/Configuring-Windows-Server-2008-Remote-Access-SSL-VPN-Server-Part2.html\" href=\"http:\/\/www.windowsecurity.com\/articles\/Configuring-Windows-Server-2008-Remote-Access-SSL-VPN-Server-Part2.html\">http:\/\/www.windowsecurity.com\/articles\/Configuring-Windows-Server-2008-Remote-Access-SSL-VPN-Server-Part2.html<\/a><\/li>\n<\/ul>\n<\/li>\n<li>Samir Jain from the TechNet Routing and Remote Access blog has posted a primer on the SSTP protocol:\n<ul>\n<li><a title=\"http:\/\/blogs.technet.com\/rrasblog\/archive\/2007\/01\/10\/how-sstp-based-vpn-connection-works.aspx\" href=\"https:\/\/web.archive.org\/web\/20090620005730\/http:\/\/blogs.technet.com:80\/rrasblog\/archive\/2007\/01\/10\/how-sstp-based-vpn-connection-works.aspx\">http:\/\/blogs.technet.com\/rrasblog\/archive\/2007\/01\/10\/how-sstp-based-vpn-connection-works.aspx<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>Happy Tunneling!<\/p>\n<p>Jonathan Connery MCSE+I, MCSD<br \/>\nSenior Systems Architect<br \/>\nInfrastructure Optimization Team<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The Secure Socket Tunnel Protocol is really an ingenious convergence of secure HTTP (HTTPS\/SSL) and Point-to-Point Protocol technologies which allows you to connect to your corporate VPN from almost anywhere.<\/p>\n","protected":false},"author":2,"featured_media":461826,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_kad_blocks_custom_css":"","_kad_blocks_head_custom_js":"","_kad_blocks_body_custom_js":"","_kad_blocks_footer_custom_js":"","ngg_post_thumbnail":0,"episode_type":"","audio_file":"","podmotor_file_id":"","podmotor_episode_id":"","cover_image":"","cover_image_id":"","duration":"","filesize":"","filesize_raw":"","date_recorded":"","explicit":"","block":"","itunes_episode_number":"","itunes_title":"","itunes_season_number":"","itunes_episode_type":"","_kad_post_transparent":"","_kad_post_title":"","_kad_post_layout":"","_kad_post_sidebar_id":"","_kad_post_content_style":"","_kad_post_vertical_padding":"","_kad_post_feature":"","_kad_post_feature_position":"","_kad_post_header":false,"_kad_post_footer":false,"_kad_post_classname":"","footnotes":""},"categories":[441],"tags":[448],"class_list":["post-82351","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-tech-talk","tag-windows-server"],"taxonomy_info":{"category":[{"value":441,"label":"Tech Talk"}],"post_tag":[{"value":448,"label":"Windows Server"}]},"featured_image_src_large":["https:\/\/jorgep.com\/blog\/wp-content\/uploads\/jorgep-BlogPostGeneric.jpg",1024,512,false],"author_info":{"display_name":"Jorge Pereira","author_link":"https:\/\/jorgep.com\/blog\/author\/jorge\/"},"comment_info":0,"category_info":[{"term_id":441,"name":"Tech Talk","slug":"tech-talk","term_group":0,"term_taxonomy_id":451,"taxonomy":"category","description":"","parent":0,"count":678,"filter":"raw","cat_ID":441,"category_count":678,"category_description":"","cat_name":"Tech Talk","category_nicename":"tech-talk","category_parent":0}],"tag_info":[{"term_id":448,"name":"Windows Server","slug":"windows-server","term_group":0,"term_taxonomy_id":458,"taxonomy":"post_tag","description":"","parent":0,"count":2,"filter":"raw"}],"_links":{"self":[{"href":"https:\/\/jorgep.com\/blog\/wp-json\/wp\/v2\/posts\/82351","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jorgep.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jorgep.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jorgep.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/jorgep.com\/blog\/wp-json\/wp\/v2\/comments?post=82351"}],"version-history":[{"count":0,"href":"https:\/\/jorgep.com\/blog\/wp-json\/wp\/v2\/posts\/82351\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/jorgep.com\/blog\/wp-json\/wp\/v2\/media\/461826"}],"wp:attachment":[{"href":"https:\/\/jorgep.com\/blog\/wp-json\/wp\/v2\/media?parent=82351"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jorgep.com\/blog\/wp-json\/wp\/v2\/categories?post=82351"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jorgep.com\/blog\/wp-json\/wp\/v2\/tags?post=82351"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}