SSTP
Embed This Widget
Add the script tag and a data attribute to embed this widget.
Embed via iframe for maximum compatibility.
<iframe src="https://ipfyi.com/iframe/glossary/sstp/" width="420" height="400" frameborder="0" style="border:0;border-radius:10px;max-width:100%" loading="lazy"></iframe>Paste this URL in WordPress, Medium, or any oEmbed-compatible platform.
https://ipfyi.com/glossary/sstp/Add a dynamic SVG badge to your README or docs.
[](https://ipfyi.com/glossary/sstp/)Use the native HTML custom element.
Definition
Secure Socket Tunneling Protocol. Ein Microsoft-VPN-Protokoll, das PPP-Verkehr über einen SSL/TLS-Kanal auf Port 443 kapselt und somit effektiv Firewalls umgehen kann. Wird hauptsächlich auf Windows-Plattformen unterstützt.
How SSTP Tunnels Over HTTPS
Secure Socket Tunneling Protocol encapsulates PPP traffic inside an SSL/TLSSecure Sockets Layer / Transport Layer Security. Cryptographic protocols that provide encrypted, authenticated communication over a network. SSL is deprecated; modern implementations use TLS 1.2 or TLS 1.3. channel running on TCP port 443 — the same port as HTTPSHTTP Secure. The encrypted version of HTTP that uses TLS to protect data in transit between a browser and a web server. Identified by the padlock icon in browsers and the https:// URL scheme.. This design means SSTP traffic is nearly indistinguishable from normal web traffic, allowing it to traverse firewalls and proxy servers that block traditional VPNVirtual Private Network. A technology that creates an encrypted tunnel between a device and a remote server, protecting data in transit and masking the user's real IP address. Used for privacy, security, and accessing restricted networks. ports. It was introduced with Windows Vista and remains a Microsoft-proprietary protocol.
Security Profile
SSTP's security depends entirely on the underlying SSL/TLSSecure Sockets Layer / Transport Layer Security. Cryptographic protocols that provide encrypted, authenticated communication over a network. SSL is deprecated; modern implementations use TLS 1.2 or TLS 1.3. implementation. With TLS 1.3 and strong cipher suites, it provides solid confidentiality and integrity. It authenticates the server via a SSL/TLS CertificateA digital document that binds a cryptographic key pair to an organization or domain, enabling encrypted HTTPS connections. Issued by Certificate Authorities (CAs) like Let's Encrypt, it proves a website's identity to browsers., preventing man-in-the-middle attacks — a significant improvement over PPTPPoint-to-Point Tunneling Protocol. One of the oldest VPN protocols, developed by Microsoft. PPTP is fast but considered cryptographically broken; it should not be used where security is a concern.. However, SSTP is tightly coupled to Windows and Microsoft's certificate infrastructure, limiting cross-platform deployment.
Use Cases and Limitations
SSTP is well-suited for corporate Windows environments where employees need to reach internal resources from hostile networks that block OpenVPN or IKEv2 ports. Its main limitations are platform lock-in (poor Linux/macOS support) and the absence of a public specification — the protocol is closed and cannot be independently audited. Organizations requiring cross-platform compatibility typically prefer OpenVPN or WireGuard alongside SSTP for Windows-specific scenarios.