SSTP Server to Client

Hello there,

I’m a newbie here. I would like to ask somebody for help or a hint with my complex problem.
I’ve managed to set up the SSTP Server to Client (WIN10). I’m using a SECTIGO certificate that was created for the validated static public IP address from our ISP and then the SSTP.contoso.com DNS name.

  1. The problem is that my final firewall rule is: add action=drop chain=input in-interface=!STAFF
  2. When I enable this rule, there is no possibility of establishing a connection. When it’s disabled, it’s okay.
  3. I made another firewall rule, add action=accept chain=input dst-port=12345 protocol=tcp, since I don’t want to have the default port 443 open. Then I changed these configuration values in the WIN10 connection client, e.g. sstp.contoso.com:12345, and it works. The connection is established, I can ping devices on the network, I can SMB to folders, but I cannot access WINBOX with the default IP address, which I can actually ping and get a response from.

Would you please help me with some idea of what I did wrong? The problem is that all the guides that I’ve found are for server-to-server setups. I would definitely prefer not to change the default port 443, which I had to, and please explain to me the final drop rule which I have.

Many thanks