windows servers 2019 essiantials rras/vpn (sstp) max two connections

%3CLINGO-SUB%20id%3D%22lingo-sub-2169497%22%20slang%3D%22en-US%22%3Ewindows%20servers%202019%20essiantials%20rras%2Fvpn%20(sstp)%20max%20two%20connections%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2169497%22%20slang%3D%22en-US%22%3E%3CP%3EHello%2C%3C%2FP%3E%3CP%3Ecan't%20find%20why%20it%20only%20allows%20two%20sessions.%20Others%20get%3A%26nbsp%3BThe%20network%20connection%20was%20aborted%20by%20the%20local%20system%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3Eevent%20viewer%3A%3C%2FP%3E%3CP%3ECoId%3D%7BA2250444-0B32-0006-B84A-27A2320BD701%7D%3A%20The%20user%20DESKTOP-EOH3BGN%5Czyriusa%20dialed%20a%20connection%20named%20gm%20which%20has%20failed.%20The%20error%20code%20returned%20on%20failure%20is%20-2147023660.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20don't%20see%20any%20errors%20on%20servers's%20even%20viewer%20even%20debug%20mode%20is%20switched%20on%20RRAS%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-2169497%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EWindows%20Server%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2170418%22%20slang%3D%22en-US%22%3ERe%3A%20windows%20servers%202019%20essiantials%20rras%2Fvpn%20(sstp)%20max%20two%20connections%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2170418%22%20slang%3D%22en-US%22%3EThis%20one%20may%20help.%3CBR%20%2F%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fprevious-versions%2Fwindows%2Fit-pro%2Fwindows-server-2008-R2-and-2008%2Fcc733844(v%3Dws.10)%3Fredirectedfrom%3DMSDN%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fprevious-versions%2Fwindows%2Fit-pro%2Fwindows-server-2008-R2-and-2008%2Fcc733844(v%3Dws.10)%3Fredirectedfrom%3DMSDN%3C%2FA%3E%3CBR%20%2F%3E%20%3CBR%20%2F%3E%20%3CBR%20%2F%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2170914%22%20slang%3D%22en-US%22%3ERe%3A%20windows%20servers%202019%20essiantials%20rras%2Fvpn%20(sstp)%20max%20two%20connections%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2170914%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F51719%22%20target%3D%22_blank%22%3E%40Dave%20Patrick%3C%2FA%3E%26nbsp%3BI%20dont%20think%20that%20its%20related%20to%20certificate.%20I%20have%205%20remote%20users.%20All%20can%20connect%20but%20max%20two%20at%20once.%20It%20looks%20like%20limit.%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E
Occasional Visitor

Hello,

can't find why it only allows two sessions. Others get: The network connection was aborted by the local system

 

event viewer:

CoId={A2250444-0B32-0006-B84A-27A2320BD701}: The user DESKTOP-EOH3BGN\zyriusa dialed a connection named gm which has failed. The error code returned on failure is -2147023660.

 

I don't see any errors on servers's even viewer even debug mode is switched on RRAS

3 Replies

@Dave Patrick I dont think that its related to certificate. I have 5 remote users. All can connect but max two at once. It looks like limit. 

also certificate hash match for all

C:\Users\Administrator>netsh http show sslcert

SSL Certificate bindings:
-------------------------

IP:port : 0.0.0.0:443
Certificate Hash : aa2b77be96a51a7efe27e49960a9f279d1f823cb
Application ID : {ba195980-cd49-458b-9e23-c84ee0adcd75}
Certificate Store Name : MY
Verify Client Certificate Revocation : Enabled
Verify Revocation Using Cached Client Certificate Only : Disabled
Usage Check : Enabled
Revocation Freshness Time : 0
URL Retrieval Timeout : 0
Ctl Identifier : (null)
Ctl Store Name : (null)
DS Mapper Usage : Disabled
Negotiate Client Certificate : Disabled
Reject Connections : Disabled
Disable HTTP2 : Not Set
Disable QUIC : Not Set
Disable TLS1.2 : Not Set
Disable TLS1.3 : Not Set
Disable OCSP Stapling : Not Set
Disable Legacy TLS Versions : Not Set

IP:port : 192.168.52.101:443
Certificate Hash : aa2b77be96a51a7efe27e49960a9f279d1f823cb
Application ID : {4dc3e181-e14b-4a21-b022-59fc669b0914}
Certificate Store Name : My
Verify Client Certificate Revocation : Enabled
Verify Revocation Using Cached Client Certificate Only : Disabled
Usage Check : Enabled
Revocation Freshness Time : 0
URL Retrieval Timeout : 0
Ctl Identifier : (null)
Ctl Store Name : (null)
DS Mapper Usage : Disabled
Negotiate Client Certificate : Disabled
Reject Connections : Disabled
Disable HTTP2 : Not Set
Disable QUIC : Not Set
Disable TLS1.2 : Not Set
Disable TLS1.3 : Not Set
Disable OCSP Stapling : Not Set
Disable Legacy TLS Versions : Not Set

IP:port : [::]:443
Certificate Hash : aa2b77be96a51a7efe27e49960a9f279d1f823cb
Application ID : {ba195980-cd49-458b-9e23-c84ee0adcd75}
Certificate Store Name : MY
Verify Client Certificate Revocation : Enabled
Verify Revocation Using Cached Client Certificate Only : Disabled
Usage Check : Enabled
Revocation Freshness Time : 0
URL Retrieval Timeout : 0
Ctl Identifier : (null)
Ctl Store Name : (null)
DS Mapper Usage : Disabled
Negotiate Client Certificate : Disabled

also somehow error code changed in event viewer :)

CoId={A2250444-0B32-0005-C47B-28A2320BD701}:The server has refused the Secure Socket Tunneling Protocol (SSTP) request. Either a failure response code or no response code was received. The data portion below contains the response code that was received from the server. This is the HTTP status code present in the response. It can be because the web proxy or the SSTP server might be rejecting the connection, the server might not be configured for SSTP or the server might not have a port available for connection