In this hands-on lab, you are working as an Azure network engineer for Cha-Ching Credit Union, a local bank. You’ve been asked to create a point-to-site connection between an “on-premises” user virtual machine and a virtual network in Azure. You’ll use an Azure VPN gateway and a point-to-site VPN connection to connect the “on-premises” virtual machine to the server virtual network.
**Please be aware that this lab can take 30-45 minutes to start due to the creation of the VPN gateway resource.**
Learning Objectives
Successfully complete this lab by achieving the following learning objectives:
- Connect to the User VM and Generate a Self-Signed Certificate
Complete steps 1 and 2 in the Microsoft documentation for creating a self-signed root certificate. Once you’ve generated the certificate, keep the PowerShell prompt open and immediately perform the steps in Example 1 in the Microsoft documentation for generating a client certificate.
- Export the Root Certificate Public Key
Complete steps 1 through 9 in the Microsoft documentation for exporting the root certificate public key. Then, copy the public key to your clipboard to use in the next objective.
- On the VPN Gateway, Paste the Public Certificate Data
Paste the public key into the Public certificate data box under the Point-to-site configuration settings for the VPN gateway. Note: If you receive an error when saving, ensure the name you added for the public certificate has no spaces in it.
- Download the VPN Client and Install It On the User VM
Copy the VPN client zip file to the user virtual machine, extract it, and then install the VPN client from the WindowsAmd64 folder.
- Test Connectivity
From the user virtual machine, connect to the VPN via Settings > Network & Internet > VPN. Once connected, ping the server virtual machine to test connectivity.
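The certificate steps in the objectives above, scripted as one PowerShell session on the user VM. This is an added example, not the lab's or Microsoft's own script: the names `P2SRootCert` and `P2SChildCert`, the validity periods, and the server address placeholder are assumptions.

```powershell
# Added example; certificate names and lifetimes are assumptions, not lab values.
$rootName   = 'P2SRootCert'    # assumed name; reuse it for the certificate entry in the portal
$clientName = 'P2SChildCert'   # assumed name
$store      = 'Cert:\CurrentUser\My'

# The lab notes that saving fails if the certificate name contains spaces.
if ($rootName -match '\s') { throw "Certificate name '$rootName' contains whitespace." }

# Self-signed root: it may only sign other certificates (KeyUsage CertSign).
$rootParams = @{
    Type              = 'Custom'
    Subject           = "CN=$rootName"
    KeySpec           = 'Signature'
    KeyExportPolicy   = 'Exportable'
    KeyUsage          = 'CertSign'
    KeyUsageProperty  = 'Sign'
    KeyLength         = 2048
    HashAlgorithm     = 'sha256'
    NotAfter          = (Get-Date).AddMonths(24)
    CertStoreLocation = $store
}
$root = New-SelfSignedCertificate @rootParams

# Client certificate, signed by the root while $root is still in this session.
# The TextExtension OID restricts it to client authentication.
$clientParams = @{
    Type              = 'Custom'
    Subject           = "CN=$clientName"
    DnsName           = $clientName
    KeySpec           = 'Signature'
    KeyExportPolicy   = 'Exportable'
    KeyLength         = 2048
    HashAlgorithm     = 'sha256'
    NotAfter          = (Get-Date).AddMonths(18)
    CertStoreLocation = $store
    Signer            = $root
    TextExtension     = @('2.5.29.37={text}1.3.6.1.5.5.7.3.2')
}
$client = New-SelfSignedCertificate @clientParams

# Only the root's public part goes to the gateway: Base64 of the DER bytes,
# one line, no BEGIN/END markers. The root private key never leaves this VM.
[Convert]::ToBase64String($root.RawData) | Set-Clipboard

# Checks before pasting: the client chains to the root and holds a private key.
"Client issuer: $($client.Issuer); has private key: $($client.HasPrivateKey)"

# Once the VPN is connected: Test-NetConnection -ComputerName <server VM private IP>
```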