SSTP stands for “Secure Socket Tunneling Protocol“, which is a type of VPN to secure the network and also hide identity on the internet. Almost the same as PPTP, only SSTP runs on a different port.
SSTP runs on port 443 which allows users to access all kinds of websites without worrying about being blocked. Besides, the safety much better when compared to PPTP. And how to use it is also easy for Windows devices.
Meanwhile, if you want to create a private SSTP Server, I recommend using an Ubuntu/Debian VPS because it’s easy to set up. And this article will explain the easiest way to install SSTP Server on Ubuntu.
SSTP Server Installation Tutorial on Ubuntu
STEP 1: Setting up
The Ubuntu version I’m using in this tutorial is 18.04 (Bionic). Before starting the installation process and setting up the SSTP Server, make sure that you have previously installed PPTPD, because SSTP also requires PPTP Server to run. And if not, please install it first with the following command:
sudo apt-get update sudo apt-get install pptpd -y
If so, continue to install Python version 3.4 and above, because later this is needed to install an SSTP Server to make it faster and more practical. Here is the command to install Python:
sudo apt install -y python3 python3-pip -y
STEP 2: Installing SSTP Server
Now it’s time to install the SSTP Server. Here using sstp-server created by Shell Chen so the process is quick and easy. Immediately following the command:
sudo pip install sstp-server
STEP 3: Setting Configuration and Authentication
PPTP and SSTP configurations actually have something in common. And just create a new file specifically for SSTP configuration, here is the command:
sudo nano /etc/ppp/options.sstpd
Copy the configuration below and then save it:
name sstpd require-mschap-v2 nologfd nodefaultroute ms-dns 184.108.40.206 ms-dns 220.127.116.11
Still not done, now it’s time to arrange the parts authentication.
sudo nano /etc/ppp/chap-secrets
Copy the text below to add a username and password. Please set it as you want:
username * password *
Make sure you have changed the username and password above, because later it will be used for SSTP authentication by the client. And don’t omit the two asterisks (*) because it has an important role in the setting.
STEP 4: Get Certificate from LetsEncrypt (Certbot)
In order for SSTP Server to run, it will certainly require a valid SSL certificate. And to get it, you can go through LetsEncrypt. But first, please prepare a domain that has been pointed to an Ubuntu IP address.
Here is the command to install LetsEncrypt on Ubuntu:
sudo apt install certbot -y
And to get an SSL certificate, please use the command below, but don’t forget to change “domainname.com” with the domain that you pointed to the Ubuntu IP address in order to get a valid certificate.
sudo certbot certonly --standalone --preferred-challenges http --agree-tos --email [email protected] -d namadomain.com
STEP 5: Running SSTP Server on Ubuntu
After going through a slightly lengthy step, now finally we enter the final step, where the Ubuntu server that you have prepared is ready to run SSTP Server.
And here is the command to start it. Again, make sure you’ve changed “domainname.com” to the domain you’ve pointed to the Ubuntu IP address:
sudo sstpd -p 443 -c /etc/letsencrypt/live/namadomain.com/fullchain.pem -k /etc/letsencrypt/live/namadomain.com/privkey.pem --local 10.0.0.1 --remote 10.0.0.0/24
If it’s running successfully, now you can directly try to connect it via the VPN feature in Windows 10. If everything is set correctly, SSTP will certainly connect without any problems.
Also read: How to Install Softether VPN Server on Debian and Ubuntu VPS
Installing SSTP Server is actually not difficult, it’s almost the same as setting up on OpenVPN, it’s just that I think it’s simpler than that. It’s more suitable like making DNS Over HTTPS, where the domain requires a valid SSL to be able to connect perfectly.
The SSTP configuration is actually the same as PPTP, and you can add other configurations if the ones listed above are still lacking. Meanwhile, user authentication can be used for both PPTP and SSTP, if you want to create user authentication specifically for SSTP, the configuration is as follows:
username sstpd password *
If you have problems or want to ask something about the tutorial above, don’t hesitate to comment, and I will help to make it easier.
Hopefully useful and good luck