Recently, a customer wanted us to connect to his servers in a Microsoft Azure Cloud environment.
This connection required an SSTP tunnel with EAP-MSCHAPv2 authentication. We didn’t want to use the provided VPN client for Windows, but rather preferred to use our Linux gateway to make the connection.
An SSTP client for Linux is available at Sourceforge, but unfortunately the current pppd-2.4.7 does not support the required EAP encapsulated MSCHAPv2 authentication.
There is a patch implementing a PEAP encapsulated MSCHAPv2 at Github, but this didn’t solve our problem either, as the gateway doesn’t support PEAP.
Inspired by that implementation, we created our own EAP-MSCHAPv2 patch for pppd-2.4.7, which you can download here.
The implementation is incomplete in the way that only client mode is supported. Nevertheless, it works well for us. Please use at own risk.