Configure Point-to-Site Connection




The next step of this configuration is to configure the point-to-site connection. Here we will also define the IP address pool for VPN clients.

 

  • Click on the newly created VPN gateway connection.
  • Then, in the new window, click on Point-to-site configuration


 

  • After that, click on Configure Now


 

  • In the new window, type the IP address range for the VPN address pool. In this demo I will be using 172.16.25.0/24. For tunnel type, use both SSTP & IKEv2. Linux and other mobile clients use IKEv2 by default to connect. Windows also tries IKEv2 first and then SSTP. For authentication type, use Azure Certificates.


 

  • In the same window there is a place to define the root certificate. Under root certificate name, type the cert name, and under public certificate data, paste the root certificate data (you can open the cert in Notepad to get the data).


 

  • Then click on Save to complete the process.


Note: when you paste the certificate data, do not copy the -----BEGIN CERTIFICATE----- & -----END CERTIFICATE----- text.
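A scripted alternative to copying from Notepad, added here as an example and not part of the original post: it strips the BEGIN/END lines, joins the Base64 into one line, and refuses input that contains a private key or a truncated body. It assumes the root certificate was exported as a Base64-encoded .cer file; the function names are hypothetical and the sample input is a constructed stand-in, not a real certificate.

```python
import base64
import re

PEM_BLOCK = re.compile(r"-----BEGIN ([A-Z0-9 ]+)-----(.*?)-----END \1-----", re.DOTALL)


def der_is_complete(der: bytes) -> bool:
    """True if der is exactly one ASN.1 SEQUENCE with no missing or extra bytes."""
    if len(der) < 2 or der[0] != 0x30:
        return False
    if der[1] < 0x80:  # short-form length
        header, body = 2, der[1]
    else:  # long-form: low 7 bits give the number of length bytes
        n = der[1] & 0x7F
        if n == 0 or n > 4 or len(der) < 2 + n:
            return False
        header, body = 2 + n, int.from_bytes(der[2:2 + n], "big")
    return len(der) == header + body


def portal_cert_data(pem_text: str) -> str:
    """Return the single-line Base64 body for the 'public certificate data' box."""
    blocks = PEM_BLOCK.findall(pem_text)
    labels = [label for label, _ in blocks]
    if any("PRIVATE KEY" in label for label in labels):
        raise ValueError("file contains a private key; export the public certificate only")
    if labels != ["CERTIFICATE"]:
        raise ValueError(f"expected exactly one CERTIFICATE block, found {labels}")
    body = "".join(blocks[0][1].split())  # drop line breaks and spaces
    der = base64.b64decode(body, validate=True)  # raises on stray characters
    if not der_is_complete(der):
        raise ValueError("Base64 body is not a complete DER structure (truncated copy?)")
    return body


def make_sample_pem(label: str = "CERTIFICATE") -> str:
    """Constructed stand-in: a DER SEQUENCE of filler bytes, not a real certificate."""
    payload = bytes(range(200))
    der = b"\x30\x81" + bytes([len(payload)]) + payload
    b64 = base64.b64encode(der).decode()
    lines = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    return "\n".join([f"-----BEGIN {label}-----", *lines, f"-----END {label}-----"]) + "\n"


if __name__ == "__main__":
    print(portal_cert_data(make_sample_pem()))
```

For a real export, pass the text of the Base64-encoded .cer file to portal_cert_data and paste the returned string into the portal.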

 

Testing VPN connection

 

We have now finished the configuration. As the next step, we need to test the connection. To do that, log in to the same PC where we generated the certificates. If you are going to use a different PC, first you need to import the root cert & client certificate we exported.

 

  • Log in to the Azure portal from the machine and go to the VPN gateway config page.
  • In that page, click on Point-to-site configuration
  • After that, click on Download VPN client


 

  • Then double-click on the VPN client setup. In my case I am using the 64-bit VPN client.


 

  • After that, we can see the new connection under the Windows 10 VPN page.


 

  • Click on connect to VPN. Then it will open up this new window. Click on Connect in there.


 

  • Then run ipconfig to verify the IP allocation from the VPN address pool.


 

  • On the VPN gateway page, I can also see that one connection has been made.


 

  • I have a server set up under the new virtual network we created. This server only has a private IP, and it is 192.168.100.4.


 

  • As expected, I can RDP to this via VPN.
