How to set up VPN for Virtual Machines in Microsoft Azure

In our tutorial Migrating Sage Database from from local hosting to Azure Hosted Instance, we promised to share how to create a secure link using a Virtual Private Network (VPN). Below are step by step instructions on how to set up a VPN for Virtual Machines in Microsoft Azure.

If you would like to know more about what Microsoft Azure is and how you can use it to improve operations for your organization read more here: How Microsoft Azure has Transformed Organizations – A case of Sunesis Consulting and Cloud Computing for Work-at-Home Solutions in the wake of Corona Virus Outbreak.

How to set up a VPN

Install a client certificate

1. Locate and copy the .pfxfile to the client computer. On the client computer, double-click the .pfx file to install. Leave the Store Location as Current User, and then click Next.
2. On the File to import page, don’t make any changes. Click Next.
3. On the Private key protection page, input the password for the certificate, or verify that the security principal is correct, then click Next.
4. On the Certificate Store page, leave the default location, and then click Next.
5. Click Finish. On the Security Warning for the certificate installation, click Yes. You can feel comfortable clicking ‘Yes’ because you generated the certificate. The certificate is now successfully imported.

Generate files using the Azure portal

1. In the Azure portal, navigate to the virtual network gateway for the virtual network that you want to connect to.
2. On the virtual network gateway page, click Point-to-site configuration.
3. At the top of the Point-to-site configuration page, click Download VPN client. It takes a few minutes for the client configuration package to generate.
4. Your browser indicates that a client configuration zip file is available. It is named the same name as your gateway. Unzip the file to view the folders.

Configure the native Windows VPN client for certificate authentication:

1. Select the VPN client configuration files that correspond to the architecture of the Windows computer. For a 64-bit processor architecture, choose the ‘VpnClientSetupAmd64’ installer package. For a 32-bit processor architecture, choose the ‘VpnClientSetupX86’ installer package.
2. Double-click the package to install it. If you see a SmartScreen popup, click More info, then Run anyway.
3. On the client computer, navigate to Network Settings and click VPN. The VPN connection shows the name of the virtual network that it connects to.
4. Before you attempt to connect, verify that you have installed a client certificate on the client computer. A client certificate is required for authentication when using the native Azure certificate authentication type

Connect from a Windows VPN client

 You must have Administrator rights on the Windows client computer from which you are connecting.

1. To connect to your VNet, on the client computer, navigate to VPN connections and locate the VPN connection that you created. It is named the same name as your virtual network. Select Connect. A pop-up message may appear that refers to using the certificate. Select Continue to use elevated privileges.
2. On the Connection status page, select Connect to start the connection. If you see a Select Certificate screen, verify that the client certificate showing is the one that you want to use to connect. If it is not, use the drop-down arrow to select the correct certificate, and then select OK.

3. Your connection is established.

For professional assistance on how to set up a VPN or configuring Virtual Machines in Microsoft Azure contact us here.