There appears to be no dead link detection and recovery in the SSTP client at all…
When a client is connected using SSTP and the path between client and server is dead for a while,
the server times out the connection but the client keeps “connected” and does not notice anything.
When the path recovers the client just remains “connected” and the stateful firewall on the server
is of course silently dropping any TCP traffic from this existing connection.
The client should somehow notice within a few minutes that its connection has died, reset and
reconnect it and attempt to login again. Maybe it finally does, but not within 4 hours (after that I reset it).
Even when there is no traffic this could be detected using TCP keepalive. But in my case there was
traffic, so it should have been piling up on the TCP connection and the client can detect that.
What client did you use? The SSTP server and client in MikroTik appear to support keepalives. I haven’t played with SSTP yet though.
Both the client and server were MikroTik routers running 6.38.5
I have not found a keepalive option in SSTP Client.
As SSTP is just PPP over TLS it is probably using the PPP keepalive mechanism, but for some
reason it does not tear down the TLS layer when it fails. And as long that is not re-established,
the PPP layer cannot come up anymore and everything is stuck.