Connect to VPN Gate by Using MS-SSTP VPN Protocol

This document describes how to connect to a VPN Relay Server of VPN Gate by using the Microsoft SSL-VPN Client (VPN over HTTPS) which is bundled with the operating system.

MS-SSTP (Microsoft Secure Socket Tunneling Protocol) is a VPN protocol which is developed by Microsoft Corporation. It implements PPP over HTTPS (SSL). It capsules all user packets on TCP. So it can pass the firewall easily. The bandwidth of SSTP is not so fast. The advantage of SSTP is; Windows Vista and later OS has a built-in SSTP VPN client, and configuration of SSTP is very easy.

Connecting parameters for MS-SSTP

You can quickly configure your SSTP VPN Client by using the following parameters if you have already known how to set up.

Hostname: You can obtain them in Public VPN Relay Servers List page.
Username: vpn, Password: vpn
Note: You must specify the hostname as "xxx.opengw.net" (DDNS hostname). You cannot specify IP addresses directly. If the port number of the SSTP server is not 443, you should append a suffix as ":port number" .

Alternative method

SoftEther VPN Client is recommended on Windows.
L2TP/IPsec Client configurations are difficult than SoftEther VPN Client.
If you are using Windows, using SoftEther VPN Client is recommended because it is very easy to configure and stable. SoftEther VPN Client can show the list of currently running VPN Gate Servers on the software screen.

On this instruction, we use Windows 7 screens. Windows Vista and Windows 8 are similar, however there are a little number of changes.

VPN on Windows Guide step by step guide (Using SSTP)

1. Initial configurations (only once at the first time)

Right-click the network icon on the bottom-right side of Windows screen, and click "Open Network and Sharing Center" .

Click "Set up a new connection or network" on the "Network Sharing Center" .

Select "Connect to a workplace" .

Select "Use my Internet connection (VPN)" .

Open the VPN Servers List page and choose a VPN Server which you want to connect.
Copy the "Hostname for SSTP Connection" (an identifier ends with ".opengw.net" or the port number) and paste it on the "Internet address" field on the configuration wizard.

Note: You must specify the hostname as "xxx.opengw.net" (DDNS hostname). You cannot specify IP addresses directly. If the port number of the SSTP server is not 443, you should append a suffix as ":port number" . Please make sure that you copy the "Hostname for SSTP Connection" (green-color fonts) exactly from the VPN Servers List page.

If the username and password prompting screen appears, input "vpn" (3-letters) on both username and password field. You should check "Remember this password" .

After you click "Next" , it will take 10 - 30 minutes to attempt to connect a VPN to the SSTP server.

If this is your first time to make a SSTP VPN connection, it might fail one or two times at the first attempt. If it fails, click the "Retry" to retry the connection. It seems a bug of Windows.

If the VPN connection will be established, the following screen will appear.

If you cannot make a successful SSTP VPN connection, save the VPN connection and go to the property screen of the VPN connect. Open the "Security" tab, and select SSTP on the "Type of VPN" dropdown box. If you fail again, try another SSTP VPN Server on the Servers List.

2. Connect to the VPN Server

To start a VPN connection by using the VPN connection setting, click the network icon on right-bottom side of Windows. The VPN settings will be listed on the screen. Click a VPN setting which you want to use. If VPN connection will be established, the "Connected" status will be displayed.

3. Enjoy Internet via VPN relaying

While VPN is established, all communications towards the Internet will be relayed via the VPN Server. You can verify that by using "tracert 8.8.8.8" command on the Windows Command Prompt.

As the above figure, if the packet-path are through "10.211.254.254" , your communication is now relayed via one of VPN Gate Public VPN Servers.

You can also visit the VPN Gate Top Page to see your current global IP address. You can see your source country or region has been changed to other if you are connecting to a VPN server which is located on oversea country.

Enjoy YouTube, Facebook or Twitter while your VPN connection is established.
Facebook, Twitter and Gmail uses HTTPS (SSL) encrypted communication protocols. Regardless of VPN or non-VPN, no one can tap these encrypted communications.

Any errors using MS-SSTP VPN?

Username and password are both "vpn" (3-letters).
Windows XP or earlier version of Windows cannot make a SSTP VPN connection.
You must specify the hostname as "xxx.opengw.net" (DDNS hostname). You cannot specify IP addresses directly. If the port number of the SSTP server is not 443, you should append a suffix as ":port number" . Please make sure that you copy the "Hostname for SSTP Connection" (green-color fonts) exactly from the VPN Servers List page.
Your local firewall might filter any TCP packets which are not towards TCP 80 or 443. In such a network, you have to choose a SSTP VPN Server which are supporting TCP port 443.
Try Using SoftEther VPN Client if you cannot use SSTP after a few retries.

Copyright © 2024 VPN Gate Academic Experiment Project at National University of Tsukuba, Japan. All Rights Reserved.
VPN Gate is based on SoftEther VPN Software which is developed by SoftEther VPN Project.
Flag Icons Supplier | About VPN Gate Academic Project | Support Forums | List of Mirror Sites | Compliance with Local Laws | University of Tsukuba Web Site | WinPcap for Windows 10