Create P2S VPN Connection on Azure

1 hour
  • 5 Learning Objectives

About this Hands-on Lab

In this hands-on lab, you are working as an Azure network engineer for Cha-Ching Credit Union, a local bank. You’ve been asked to create a point-to-site connection between an “on-premises” user virtual machine and a virtual network in Azure. You’ll use an Azure VPN gateway and a point-to-site VPN connection to connect the “on-premises” virtual machine to the server virtual network.


**Please be aware that this lab can take 30-45 minutes to start due to the creation of the VPN gateway resource.**

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Connect to the User VM and Generate a Self-Signed Certificate

Complete steps 1 and 2 in the Microsoft documentation for creating a self-signed root certificate. Once you’ve generated the certificate, keep the PowerShell prompt open and immediately perform the steps in Example 1 in the Microsoft documentation for generating a client certificate.

Export the Root Certificate Public Key

Complete steps 1 through 9 in the Microsoft documentation for exporting the root certificate public key. Then, copy the public key to your clipboard to use in the next objective.

On the VPN Gateway, Paste the Public Certificate Data

Paste the public key into the Public certificate data box under the Point-to-site configuration settings for the VPN gateway. Note: If you receive an error when saving, ensure the name you added for the public certificate has no spaces in it.

Download the VPN Client and Install It On the User VM

Copy the VPN client zip file to the user virtual machine, extract it, and then install the VPN client from the WindowsAmd64 folder.

Test Connectivity

From the user virtual machine, connect to the VPN via Settings > Network & Internet > VPN. Once connected, ping the server virtual machine to test connectivity.
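
The certificate steps from the first three objectives, scripted in PowerShell as an added example (not part of the lab or of the Microsoft documentation it refers to). The subject names P2SRootCert and P2SChildCert, the key length and the validity periods are assumptions, and the export wizard is replaced here by a Base64 copy of the root's public certificate.

```powershell
# Run on the user VM in one PowerShell session.
# Assumed for this example: subject names, 2048-bit keys, validity periods.
$store = 'Cert:\CurrentUser\My'

# 1. Self-signed root certificate. KeyUsage CertSign lets it sign client certificates.
$root = New-SelfSignedCertificate -Type Custom -Subject 'CN=P2SRootCert' `
    -KeySpec Signature -KeyExportPolicy Exportable `
    -KeyUsage CertSign -KeyUsageProperty Sign `
    -KeyLength 2048 -HashAlgorithm sha256 `
    -NotAfter (Get-Date).AddMonths(24) -CertStoreLocation $store

# 2. Client certificate signed by the root ($root must still be set, which is
#    why the prompt stays open). The EKU limits it to client authentication.
$clientAuthOid = '1.3.6.1.5.5.7.3.2'
$client = New-SelfSignedCertificate -Type Custom -Subject 'CN=P2SChildCert' `
    -DnsName 'P2SChildCert' -KeySpec Signature -KeyExportPolicy Exportable `
    -KeyLength 2048 -HashAlgorithm sha256 `
    -NotAfter (Get-Date).AddMonths(18) -CertStoreLocation $store `
    -Signer $root -TextExtension @("2.5.29.37={text}$clientAuthOid")

# 3. Check the result before touching the gateway: the client certificate must
#    be issued by the root and carry the client-authentication EKU.
$eku = $client.Extensions | Where-Object {
    $_ -is [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension]
}
if ($client.Issuer -ne $root.Subject) {
    throw 'Client certificate was not issued by the root certificate.'
}
if ($eku.EnhancedKeyUsages.Value -notcontains $clientAuthOid) {
    throw 'Client certificate is missing the client-authentication EKU.'
}

# 4. Public certificate data for the gateway. RawData is the DER-encoded
#    certificate only; the private key is not part of it. The result is one
#    Base64 line with no BEGIN/END CERTIFICATE markers.
$publicCertData = [Convert]::ToBase64String($root.RawData)
Set-Clipboard -Value $publicCertData

# Confirm the private keys are still where they belong (expected: True, True).
$root.HasPrivateKey, $client.HasPrivateKey
```

Only the value in `$publicCertData` goes into the Public certificate data box; the root's private key never leaves the certificate store on the user VM.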

Additional Resources

Lab Setup

Log in to the Azure portal using the credentials provided on the lab page. Be sure to use an incognito or private browser window to ensure you're using the lab account rather than your own.

Connect to the user-vm virtual machine via remote desktop (either through the Remote Desktop client available on Windows machines or through the Microsoft Remote Desktop application available for Mac machines) using the public IP address and credentials provided on the lab page.

Lab Resources

Check out the Microsoft documentation on how to create a self-signed root certificate for point-to-site connections.
