
In part one of this two-part series, I showed you how to set up a point-to-site VPN in Windows Azure and create a self-signed root certificate to upload to Azure. A point-to-site VPN connection can be useful for connecting directly to Azure server resources from remote devices or in situations where a site-to-site IPsec VPN is not available, or isn’t possible to set up because the technical requirements cannot be met.
In part two, I’ll show you how to create a self-signed client certificate, how to install the root and client certificates, and finally, how to configure and test the VPN connection from your on-premises or remote client to Windows Azure.
Now we need to create a certificate for the VPN client machine. You should create a unique client certificate for each device that will connect to the Azure virtual network. The following makecert command should be run on the same machine where the root certificate was created.
Now that we have both our root and client self-signed certificates, it’s time to upload the root certificate to the Azure management portal and install the client certificate on an on-premise server.
Log on to the Azure management portal and follow the instructions below to upload the root certificate:
Now click Dashboard and note that the alert for the missing root certificate should have disappeared from the network diagram.
Before installing the VPN client on the on-premises server, we need to install the client certificate created using makecert.
Once the certificates are in place, we can download the VPN configuration package from the Azure management portal and run it on the on-premises server.
A secure connection to your Windows Azure virtual network should now be established.
Open a command prompt, type ipconfig /all, and you should see a PPP connection with the name of your Azure virtual network. It should have an IP address that corresponds to the range that we configured for point-to-site VPN clients in part one.
Let’s see if we can connect to a resource running on one of our Azure servers. To perform a simple test, I have set up Windows Server 2012 R2 in a virtual machine in Windows Azure and configured a file share that everyone has access to. If you are not sure how to configure a VM in Azure, see “Deploy Windows Server 2012 in an Azure Virtual Machine.” Additionally, you can find instructions on how to configure a file share using Server Manager in my article “Create a File Share in Windows Server 2012 R2 Using Server Manager.”
Once you have a server set up on Azure with a file share, open File Explorer on the on-premises machine where you established the VPN connection to Azure, and see if you can access the share using the Azure server’s IP address. For example, type \\10.0.0.4\ in the address bar of File Explorer, replacing 10.0.0.4 with the IP address of your remote server, and press Enter to see a list of available shares.
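The two manual checks above (the ipconfig /all address check and the file share test) can also be scripted. The following is an added example, not part of the original article: `$ClientPool` is a placeholder for the point-to-site client range configured in part one, the helper function names are illustrative, and `Test-NetConnection` assumes Windows 8.1 / Server 2012 R2 or later.

```powershell
# Added example: confirm the point-to-site tunnel is up and the Azure file server
# is reached through it. Values below are placeholders, not from your environment.
$ClientPool = '172.16.0.0/24'   # placeholder: your point-to-site client address range
$Server     = '10.0.0.4'        # sample server address used in the article

function ConvertTo-IPv4Int ([string]$Ip) {
    # Dotted-quad IPv4 -> non-negative 64-bit integer, so ranges can be compared.
    $b = [System.Net.IPAddress]::Parse($Ip).GetAddressBytes()
    ([int64]$b[0] -shl 24) -bor ([int64]$b[1] -shl 16) -bor ([int64]$b[2] -shl 8) -bor [int64]$b[3]
}

function Test-InCidr ([string]$Ip, [string]$Cidr) {
    # True when $Ip shares the network bits of $Cidr (for example 172.16.0.0/24).
    $network, $prefix = $Cidr -split '/'
    $hostBits = 32 - [int]$prefix
    ((ConvertTo-IPv4Int $Ip) -shr $hostBits) -eq ((ConvertTo-IPv4Int $network) -shr $hostBits)
}

# Same check as reading ipconfig /all by eye: is any local IPv4 address in the pool?
$tunnel = Get-NetIPAddress -AddressFamily IPv4 |
    Where-Object { Test-InCidr $_.IPAddress $ClientPool }

if (-not $tunnel) {
    Write-Warning "No local IPv4 address inside $ClientPool; the VPN is not connected."
    return
}
$tunnel | Format-Table InterfaceAlias, IPAddress, PrefixLength

# File shares use SMB on TCP 445; test that port instead of browsing in File Explorer.
$smb = Test-NetConnection -ComputerName $Server -Port 445
"SMB reachable: $($smb.TcpTestSucceeded) via $($smb.InterfaceAlias) from $($smb.SourceAddress.IPAddress)"

# If the local network overlaps the Azure address space, a different host may answer.
# The source address must be the VPN address for the result to mean anything.
if ($smb.TcpTestSucceeded -and -not (Test-InCidr $smb.SourceAddress.IPAddress $ClientPool)) {
    Write-Warning 'A host answered, but not over the VPN address; check for overlapping routes.'
}
```

A successful port test only shows that TCP 445 is reachable through the tunnel; access to the share itself still depends on the share and NTFS permissions on the server.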
More from Russell Smith
Copyright ©2019 BWW Media Group