Not to be confused with Simple Symmetric Transport Protocol.
Secure Socket Tunneling Protocol (SSTP) is a form of virtual private network (VPN) tunnel that provides a mechanism to transport PPP traffic through an SSL/TLS channel. SSL/TLS provides transport-level security with key negotiation, encryption and traffic integrity checking. The use of SSL/TLS over TCP port 443 (by default; port can be changed) allows SSTP to pass through virtually all firewalls and proxy servers except for authenticated web proxies.[1]
SSTP servers must be authenticated during the SSL/TLS phase. SSTP clients can optionally be authenticated during the SSL/TLS phase and must be authenticated in the PPP phase. The use of PPP allows support for common authentication methods, such as EAP-TLS and MS-CHAP.
SSTP is available for Linux, BSD, and Windows.[2]
SSTP is available on Windows Vista SP1 and later, in RouterOS since version 5.0, and in SEIL since its firmware version 3.50. It is fully integrated with the RRAS architecture in these operating systems, allowing its use with Winlogon or smart-card authentication, remote-access policies and the Windows VPN client.[3] The protocol is also used by Windows Azure for Point-to-Site Virtual Network.[4]
SSTP is intended only for remote client access, it generally does not support site-to-site VPN tunnels.[5]
SSTP suffers from the same performance limitations as any other IP-over-TCP tunnel. In general, performance will be acceptable only as long as there is sufficient excess bandwidth on the un-tunneled network link to guarantee that the tunneled TCP timers do not expire. If this becomes untrue, performance falls off dramatically. This is known as the "TCP meltdown problem".[6][7]
SSTP supports user authentication only; it does not support device authentication or computer authentication.
^Jain, Samir (2007-01-17). "SSTP FAQ - Part 2: Client Specific". Microsoft TechNet. Retrieved 2015-10-17.
^McGuire, Cheryl (2015-08-11). "Configure a point-to-site VPN connection to an Azure Virtual Network". Retrieved 2015-10-17.
^Jain, Samir (2007-01-10). "SSTP FAQ - Part 1: Generic". TechNet Blogs. Archived from the original on 2010-10-12.
^Titz, Olaf (2001-04-23). "Why TCP Over TCP Is A Bad Idea". Retrieved 2015-10-17.
^Honda, Osamu; Ohsaki, Hiroyuki; Imase, Makoto; Ishizuka, Mika; Murayama, Junichi (October 2005). "Understanding TCP over TCP: effects of TCP tunneling on end-to-end throughput and latency". In Atiquzzaman, Mohammed; Balandin, Sergey I (eds.). Performance, Quality of Service, and Control of Next-Generation Communication and Sensor Networks III. Vol. 6011. p. 60110H. Bibcode:2005SPIE.6011..138H. doi:10.1117/12.630496. S2CID 8945952.
and 27 Related for: Secure Socket Tunneling Protocol information
SecureSocketTunnelingProtocol (SSTP) is a form of virtual private network (VPN) tunnel that provides a mechanism to transport PPP traffic through an...
now-deprecated SSL (SecureSockets Layer) specifications (1994, 1995, 1996) developed by Netscape Communications for adding the HTTPS protocol to their Netscape...
the communication protocol is encrypted using Transport Layer Security (TLS) or, formerly, SecureSockets Layer (SSL). The protocol is therefore also...
WebSocket is a computer communications protocol, providing a simultaneous two-way communication channel over a single Transmission Control Protocol (TCP)...
Point-to-Point TunnelingProtocol and in several compatible implementations on other platforms. Microsoft SecureSocketTunnelingProtocol (SSTP) tunnels Point-to-Point...
port 3544. For 6to4, the most common IPv6 over IPv4 tunnelingprotocol, requires that the tunnel endpoint have a public IPv4 address. However, many hosts...
Secure Reliable Transport (SRT) is an open source video transport protocol that utilises the UDP transport protocol. The SRT Protocol specification is...
STARTTLS extension allows the use of Transport Layer Security (TLS) or SecureSockets Layer (SSL) to be negotiated using the STLS command, on the standard...
installation, configuration, and management of other RRAS features. SecureSocketTunnelingProtocol VPN enforcement for Network Access Protection – Limits VPN...
Security (TLS) and, formerly, the SecureSockets Layer (SSL, which is now prohibited by RFC7568) cryptographic protocols. FTPS should not be confused with...
installed in an SAS drive bay, and the enclosure can use the Serial ATA TunnelingProtocol (STP) to make use of the drive.: 16, 17 There are keyed parts to...
The Hypertext Transfer Protocol (HTTP) is an application layer protocol in the Internet protocol suite model for distributed, collaborative, hypermedia...
IP tunneling or remote procedure call and the Network File System. It is simple, suitable for bootstrapping or other purposes without a full protocol stack...
backbone was IPv4-only, one of the frequently used tunnelingprotocols was 6to4. Teredo tunneling was also frequently used for integrating IPv6 LANs with...
Protocol (SCTP) encapsulation, RFC 5764 for use with Secure Real-time Transport Protocol (SRTP) subsequently called DTLS-SRTP in a draft with Secure Real-Time...
defined as an acronym for "socketsecure" from at least 2001, although it was not originally defined as such in the SOCKS Protocol Version 5 RFC in 1996 or...
11n wireless networking, IPv6 over VPN connections, and the SecureSocketTunnelingProtocol. Booting a system using Extensible Firmware Interface on x64...
IP multicast is a method of sending Internet Protocol (IP) datagrams to a group of interested receivers in a single transmission. It is the IP-specific...
of wiring SecureSocketTunnelingProtocol, a form of virtual private network (VPN) tunnel Simple Symmetric Transport Protocol, a protocol for delivering...
known as OpenBSD Secure Shell) is a suite of secure networking utilities based on the Secure Shell (SSH) protocol, which provides a secure channel over an...
user-space VPN Point-to-Point TunnelingProtocol (PPTP) Microsoft method for implementing VPN SecureSocketTunnelingProtocol (SSTP) Microsoft method for...
encryption and tunneling. The common tunnelingprotocol used is Layer 2 TunnelingProtocol and the common encryption mechanism used is SecureSockets Layer (SSL)...