Is it doable to set up a non-domain-based (standalone) Windows Server 2008 as an SSTP VPN (Secure Socket Layer Tunneling Protocol VPN)?
I'd like to enable remote users to access a network via SSL-based VPN (currently using PPTP) by making an SSTP VPN connection via a Win2k8 server. Most of the docs seem to include running in an AD domain with an in-house Certificate Authority to enable this feature.
Is it possible to do this with a stand-alone Win2k8 server? If so, how?
My understanding is that the certificate used as part of the authentication hasto come from Active Directory Certificate Services, and there is no way to get it from any other source (I'll admit to not trying too hard to figure out if it was possible, I was investigating SSTP for another VPN related project)
Setting up the 2008 server as a standalone AD controller would get around the issue; the client systems don't need to be in the domain.
you connect with host address for sstp. you can use standard web certificate from any ssl cert provider. that host address need to resolve to your vpn server.
step-by-step guide http://www.windowsecurity.com/articles/Configuring-Windows-Server-2008-Remote-Access-SSL-VPN-Server-Part2.html