How do I use it?

  • Rudolf

    Rudolf - 2011-06-11


    I've just installed sstp-client on Ubuntu 11.04 which was no piece of cake, but I finally managed to install without errors.

    But how do i use the program now?
    I've tried VPN Connections, but there's no option to choose SSTP.
    I tried gnome-ppp, but I don't know what to choose.

    There's no manual to be found.
    Please advise.

  • Eivind

    Eivind - 2011-09-26

    Hi Rudolf,

    The sstp-client is a command line application, so some knowledge of working with terminals are required. You will have to open a terminal on your ubuntu box and type "sstpc" or "sstpc -help" to see the number of options. To check out the help file you need to "man sstpc".

    If you upgrade to ubuntu 11.10 when it is released (soon), you can install the network-manager-sstp-gnome and network-manager-sstp packages and install those. Unfortunately, the current ubuntu release runs with an older version of the network-manager files so no UI integration currently. I'll see if I have some bandwidth to generate you some files for this.

    - Eivind

  • Eivind

    Eivind - 2011-09-26

    Also, if you download the .tar.gz file and uncompress this into a directory you can read through some of the files in support directory. Also make sure to checkout the very simple (and probably a bit terse) web-page:

    Let me know how it works out for you.

    - Eivind

  • Nobody/Anonymous

    Dear Eivind,

    thanks for the great effort you've put in this project,

    after running sstpc, I keep getting this:
    Error: Verification of server certificate failed, (-2)

    is it an openssl related error? how can i solve that?

  • Nobody/Anonymous

    You can specify -cert-warn to the sstpc executable if you don't have server certificates that matches up. This implies that you trust the server anyway. What operating system are you using?

    - Eivind

  • Nobody/Anonymous

    I'm using ArchLinux.

    thank you for your rapid reply :)

    getting this error message now:
    **Error: Connection was aborted, Reason was not known, (-1)

    any ideas?

  • Nobody/Anonymous

    Could you start by describing your environment, the command line you are using, and the version of sstp-client you built? If you are trying to connect to a Microtik router, you may need to go grab the 1.0.7 tar.gz file and compile that.

  • Nobody/Anonymous

    well, I'm using sstp-client v1.0.6 on Linux 3.3.3-1 i686

    sstpc -user=myuser -password=mypass -cert-warn -debug -nolaunchpppd

  • Nobody/Anonymous

    That is a known bug you need to upgrade to 1.0.7 or use subversion. Also if you Plan to use it like this you may need to specify usepeerdns, etc. look at the man page.

  • Nobody/Anonymous

    ok, will try 1.0.7

    many thanks

  • Nobody/Anonymous

    I'm still getting the same error :(

    more verbose debugging is needed… how can i do that?

  • Nobody/Anonymous

    You can try to enable more verbose debugging using the -log-level 4 and -log-stderr switches. You will likely also have to send me your related logs in /var/log/messages or syslog file to check if there is something wrong with the pppd settings

  • Nobody/Anonymous

    Let me know if you continue to have problems.

  • Nobody/Anonymous

    here is the log:

    Apr 29 09:40:02 sstpc[11287]: Could not create directory: /usr/var/run/sstpc, No such file or directory (2)
    Apr 29 09:40:02 sstpc[11287]: Could not access or create runtime directory
    Apr 29 09:40:02 sstpc[11287]: Could not create directory: /usr/var/run/sstpc, No such file or directory (2)
    Apr 29 09:40:02 sstpc[11287]: Could not access or create privilege separation directory, /usr/var/run/sstpc
    Apr 29 09:40:02 sstpc[11287]: Resolved to
    Apr 29 09:40:03 sstpc[11287]: Connected to
    Apr 29 09:40:03 sstpc[11287]: The certificate did not match the host:
    Apr 29 09:40:03 sstpc[11287]: Server certificated failed verification, ignoring
    Apr 29 09:40:03 sstpc[11287]: Sending Connect-Request Message
    Apr 29 09:40:03 sstpc[11287]: SSTP CRTL PKT(14) 
    Apr 29 09:40:03 sstpc[11287]:   TYPE(1): CONNECT REQUEST, ATTR(1):
    Apr 29 09:40:03 sstpc[11287]:     ENCAP PROTO(1): 6
    Apr 29 09:40:04 sstpc[11287]: SSTP CRTL PKT(48) 
    Apr 29 09:40:04 sstpc[11287]:   TYPE(2): CONNECT ACK, ATTR(1):
    Apr 29 09:40:04 sstpc[11287]:     CRYPTO BIND REQ(4): 40
    Apr 29 09:40:04 sstpc[11287]: Started PPP Link Negotiation
    Apr 29 09:41:03 sstpc[11287]: SSTP CRTL PKT(20) 
    Apr 29 09:41:03 sstpc[11287]:   TYPE(5): ABORT, ATTR(1):
    Apr 29 09:41:03 sstpc[11287]:     STATUS INFO(2): 12
    Apr 29 09:41:03 sstpc[11287]: Connection was aborted, Reason was not known
  • Nobody/Anonymous

    Looks to me that there's a few things you should do

    1. Your runtime directory doesn't seem to be setup correctly when you use the -prefix=/usr switch, part of configure require you to specify the -localstatedir=/var and/or the -with-runtime-dir="/var/run/sstpc".

    2. You may need to create the runtime directory by running it as root the first time, second time around it already exists such that pppd knows where to write / locate the temporary file.

    3. I don't know if you are simply just testing this, or otherwise plan a more long-term deployment. I agree that this is a bit complicated to get started at first, but if you use e.g. network-manager plugin for gnome, or the pon/poff scripts (supported by ubuntu at least, I am not sure about arch-linux) you will need to setup a set of basic ppp options.

    Configure from ubuntu, please modify to your distribution
        ./configure \
            -prefix=/usr \
            -sysconfdir=/etc \
            -localstatedir=/var \
            -includedir=${prefix}/include \
            -libexecdir=${prefix}/lib/sstp-client \
            -mandir=${prefix}/share/man \
            -infodir=${prefix}/share/info \
            -disable-dependency-tracking \
            -with-runtime-dir="/var/run/sstpc" \
            -enable-user \

    Run w/ppp options appended
    sstpc -user=myuser -password=mypass -cert-warn -debug -nolaunchpppd call <filename>

    The alternative is to append the options you want on the command line instead of the "call <filename>", e.g. "defaultroute usepeerdns refuse-eap require-mschap-v2 require-mppe refuse-pap"

    If you choose to go with a file, it depends on how pppd is setup. You place a file a file in your current directory and specify the <filename> with absolute path, or you create a file in /etc/ppp/peers/<filename>. This file will hold some of your common ppp options:

    # Cut and paste to a command prompt:
    cat > file <<EOF

    If you run this on a Mac OS-X install, you may want to specify "defaultroute" as well if you want to direct all traffic over the VPN.

  • Nobody/Anonymous

    Looks like specifying some of the other options won't work with pppd on Mac OS-X, but I did have success in the following:

    sudo sstpc -log-level 4 -log-stderr -cert-warn -user myuser -password mypass defaultroute usepeerdns


Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:

JavaScript is required for this form.

No, thanks