Setting up Azure’s P2S VPN Gateway with PowerShell — Part 3/3

This post outlines Steps 8–10 of the series of 10 steps to create an Azure P2S Connection. Do these steps AFTER COMPLETING Steps 1–4 given in Setting up Azure’s P2S VPN Gateway with PowerShell -Part 1/3 and Steps 5–7 given in Setting up Azure’s P2S VPN Gateway with PowerShell -Part 2/3

Steps 1- 7 for Creating P2S Connection:

1. Log in to Azure and set variables
2. Configure a VNet
3. Create the VPN Gateway
4. Add the VPN client address pool
5. Generate certificates
6. Upload the root certificate public key info to Azure
7. Install an exported client certificate

Steps 8–10 for Creating P2S Connection:

8. Configure the VPN on client computer
9. Connect to Azure
10. Verify P2S VPN Connection

8. Configure the VPN on the client machine

#A.Generate files using POSH:

$profile=New-AzureRmVpnClientConfiguration -ResourceGroupName $RG -Name $GWName -AuthenticationMethod "EapTls"

#B.Copy the URL to your browser to download the zip file, then unzip the file to view the folders

#C.Install on Windows: Read the following: Create and Install VPN Client Configuration Files

9. Connect to Azure VNet via VPN

A. On client computer, navigate to Settings > Network & Internet > VPN > Connect:

The VPN adapter is showing as connected via SSTP in the Network Adapters of the client:

In the Azure Portal, the Point-to-site configuration blade shows 1 connection and shows the Allocated IP address of that connection:

10. Verify Connection from Client to VNet

A. Ping the internal IP address of an Azure VM in the P2S VNet:

B. Using RDP, connect to the internal IP address of an Azure VM in the P2S VNet:

C. If you’re not using a DNS server in addition to Azure’s default DNS service, adding the name and IP address to the client computer’s hosts file (C:\Windows\System32\drivers\etc\hosts) will allow remote connections via IP address or host name, by mapping IP addresses to host names.

Adding the client’s assigned Gateway App Pool IP address and name to the hosts file of an Azure VM will allow connection via IP or client name — good for verifying the connection from the Azure VM to the client. However, each time the client computer is restarted, a new VPN connection must be made manually, and the P2S Gateway allocates a NEW IP address from the address pool — so the Azure VMs hosts file would have to be updated! The P2S Gateway is always ‘on’, but VPN sessions won’t persist if the client computer leaves the VPN network.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store