Firewall question

Current setup:
SSTP server to SSTP clients (with SRCNAT and masquerading) works well for remote support via LogMeIn. My problem is that my fleet of computers that I’m supporting is growing faster than the business owner had envisioned, and every computer that I’m supporting is running stand-alone Win 7 Pro. I need to attach all of them (presently about 100) to my W2K8 R2 Domain just to make the support easier. Total PITA to remote out to a computer, then FTP back in (or even to use LMI to push out whatever needs pushing out). Using SSTP and SRCNAT, of course, my DC is unable to see the clients. I’d like to be able to push out GPOs, updates, etc, but I’m having a bugger of a time

already have this in firewall nat: chain=srcnat action=masquerade to-addresses=0.0.0.0 out-interface=ether1-gateway

SSTP client setup is straightforward and simple - no certificate; and authentication is mschap2.