Click it and it will give you the options of “Add” or “Import”.
At the bottom of the screen to the left there should be a plus icon. Inside AzureVPN is a configuration file called “azurevpnconfig”.Ģ. You should see 3 folders, one being AzureVPN. Once the VPN client file has been downloaded unzip it. This will be the configuration information needed to set up an Azure VPN.ġ.
Once this is done download the VPN client. Select Save at the top of the page to save all of the configuration settings.ĥ. You can add up to 20 trusted root certificates.Ĥ. Name the certificate “PS2RootCert”, or if that name is already in use name the certificate “PS2RootCert_YourUserName”, and then select Save. Paste the certificate data into the Public Certificate Data field. Navigate to Virtual Network Gateways > Point-to-site configuration.ģ. Once edited copy only the text as one continuous line.Įnter the Root certificate into the Azure Point-to-Site configurationĢ. You may need to modify your view in the text editor to ‘Show Symbol/Show all characters’ to see the carriage returns and line feeds. Paste the copied text into a new Notepad++ window and edit the pasted text to make sure that the text is one continuous line without carriage returns or line feeds. Copy only the following section (excluding the header and footer between the dashes and the dashes themselves, e.g. Open the PS2RootCert certificate with a text editor, such as Notepad++.Ģ. > Click Finish to export the certificate.ġ. For File name, name the certificate “PS2ChildCert” Then, click Next. > On the File to Export, Browse to the location to which you want to export the certificate.
If you select to use a password, make sure to record or remember the password that you set for this certificate. > On the Security page, you must protect the private key. Without it, client authentication fails because the client doesn’t have the trusted root certificate. This setting additionally exports the root certificate information that is required for successful client authentication. Make sure that Include all certificates in the certification path if possible is selected. > On the Export File Format page, leave the defaults selected. > Select Yes, export the private key, and then click Next > In the Certificate Export Wizard, click Next to continue This opens the Certificate Export Wizard. Now export the PS2ChildCert which has slightly different steps to follow than above. You should then see: “The export was successful”Ģ. For File name, name the certificate file “PS2RootCert”. > For File to Export, Browse to the location to which you want to export the certificate.
> On the Export File Format page, select Base-64 encoded X.509 (.CER)., and then click Next > Select No, do not export the private key, and then click Next Once PS2RootCert has been created and is visible in certmgr right-click on it. CertStoreLocation "Cert:\CurrentUser\My" ` Subject "CN=PS2ChildCert" -KeyExportPolicy Exportable ` New-SelfSignedCertificate -Type Custom -DnsName P2SChildCert -KeySpec Signature ` CertStoreLocation "Cert:\CurrentUser\My" -KeyUsageProperty Sign -KeyUsage CertSign Subject "CN=PS2RootCert" -KeyExportPolicy Exportable ` $cert = New-SelfSignedCertificate -Type Custom -KeySpec Signature `
The example creates a self-signed root certificate named “PS2RootCert” and “PS2ChildCert” that is automatically installed in “Certificates-Current User\Personal\Certificates” (i.e. Copy and paste the following example into Powershell to create the self-signed root certificate and child certificate. > (type) Windows Powershell (right click: Run as Administrator)ģ. Open a Windows PowerShell console with elevated privileges. This is where your certificates will appear once created so keep the certmgr.msc window open.Ģ.
Enter the Root certificate into the Azure Point-to-Site configurationįollowing these instructions should allow you to connect to Azure using the Azure VPN client.
The following example is for a computer running Windows 10 or Windows Server 2016.