Hopefully I'm posting this in the correct forum.
At my organization we use Softether for external SSTP access, and it works great!! But the lack of MFA is a problem, so we setup a Windows RADIUS server that connects to Microsoft Entra ID for validation & MFA. When we use * for the username in Softether everything works as expected. It passes whatever username it receives to RADIUS for validation and the user is able to login.
In order to limit things a bit, we decided to create individual user accounts on Softether rather than using *.
Our user powershell script creates the SSTP connection using the credentials of the user currently signed into the workstation.
Here's where our problem occurs. It sends DOMAIN\USERNAME as the credential, but Softether doesn't allow for that format for usernames.
So the VPN authentication request fails without ever reaching our RADIUS server.
Since Softether won't allow the "\" character in the username via the GUI, we decided to test things by editing the vpn_server.config file and manually changing a user to include the DOMAIN\ prefix and it worked.
declare USERNAME
changed to
declare DOMAIN\USERNAME
But that user can no longer be modified or deleted by the GUI.
Would it be possible to update the management GUI to allow th4e "\" character in usernames?
Thanks,
Andrew