Configure Azure Point To Site (P2S) VPN Configuration

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

[Music] hello everyone my name is pritam and you are watching tech wait pray welcome to my channel and i'm back with another tech video now this is the 15th video of this tutorial series called cloud computing with microsoft azure in my last video we have seen or understood the concept of the azure vpn and also we have seen we have mainly three types of vpn that is the point to side side to side and express root which azure supports and also we have created a virtual network gateway yesterday and that was very very important guys because based on that or uh yeah based on that we will create for go further and today we'll configure the point to site vpn okay now if you have missed that video guys i would recommend you to please go and watch that video because this is the continuation of the last video so if you do not understand how we created the virtual network gateway you won't be able to understand this video so make sure you watch that and uh so let's start so so before config let's understand this what we're going to do and how it's working so i'm in the azure portal already you can see and you already know that we have a virtual network called s8vnet01 that we have created in our virtual network uh creation video so and the video link i would be given in the description again and you will also able to find the link here on your screen so we have created the s8v01 virtual network and under that we have created if i go to the subnet section and if you remember we have created two subnets one is the back end and then one is the font end you can see these are the subnets we have created and in the last video we have added the gateway subnet with it that is the gateway subnet we have created now if i go to the connected devices you can also able to find the network gateway so let's quickly see the uh bit of overview of the network gateway that we have created last day so it is under the is it vignette resource group is us location it's a gateway type is a vpn and it is route based so i've already discussed that it is very very important that you choose route base if you want to configure the point to site or side to side vpn uh the virtual network is at vin 01 again and we have assigned the public address ip address to the virtual network gateway because it would be public facing now before going to the point to site let's understand why you are doing that so you have a virtual network configured in your azure that is a zvnet uh zero one this one and now what you wanna do is that what is the meaning of point to site whenever you in a remote location okay you have a different machine different system or maybe you are on premise on your office and if you want to connect with the azure virtual network for your work then you need to install the vpn client software first for azure and then you need to connect to the azure vnet so the purpose it's pretty simple and we will configure the vpn client and also see what are the different procedures that we need to follow to successful this uh transformation of data you could say so you you are sitting in your remote location and you are trying to connect to the azv net zero one you are installing the vpn client and you are hitting on connect and then a connection has been made that's a vpn so it's a virtual private connection under the secure tunnel and it will connect to the virtual network gateway because it is the route base and vpn type and now the gateway will help to connect the data from your azure virtual network and also to the vice versa so network gateway is very very important again virtual network gateway or the vpn gateway without which we won't be able to configure the point to site all right clear now let's directly jump into it and create the point of sight configuration now i'm under the network gateway and you can see we have a option called point to side configuration here under this left hand side and i'm going to click that and now we will click on configure now and here we will configure the point to site configuration now for that the first thing that we are going to need is the address pool that we need to provide so this is nothing but this works as a kind of a dhcp so once you connect your remote machine or you know the on-premise machine to the azure v-net or the s v net zero one with the vpn client software then the uh this v-net this virtual network will give you an ip address like it's not for normal if you connect with any vpn your ip address will get changed right so in the same way uh you are deciding that which is the range of ip address that's azure is gonna assign to your client machine once you now i'm gonna give it to dot 10.0.1 dot zero slash maybe twenty four okay fine the terminal type uh let's choose it ik v2 and sstp i think authentication type will choose seo certificate now what is that certificate and why we have choose uh the azure certificate here now understand it very simple way it's why while you are installing the vpn client in your machine and you are trying to hit on connect so azure like your remote machine and the azure virtual network must have some authentication to to authenticate your request azure needs a certificate now here we are going to generate two certificate right now and i will show you how you can do that from powershell first one would be the root certificate that is the self-signed certificates because we are not using this for any enterprise so we have to use the self sign root certificate so we will generate a root certificate and we will insert the details of root certificate you can see sorry for that so you will see here we have to put the name of the root certificate and the public certificate data i'll show you how i do that you have to put there and once you save that as you will save the details of the root certificate now the clients once any client any client who wants to connect to the azure virtual network or is it vinh01 azure will check whether that machine has the client certificate proper client certificate or not so you understand that we will generate a root certificate and then we have to generate a client certificate also and that client certificate we have to install in the client machine and then on then only would be able to connect to the azv 901 or the azure virtual network with the help of the vpn client the concept is pretty simple so i will quickly create a root certificate and the child certificate sorry the client certificate and i'll i'm gonna use this my laptop for i will install the client certificate here so that i can connect to the azure vpn from and i can download the client and i'll quickly show you how i do that so let's do that so you have to go to the powershell first i will search for powershell now my powershell is uh having the add-in to connect to the uh is it azure so this is just a plugin that you need to install or extension you could say so i'll just write it the command you can just open powershell and add that or you can install the plugin okay it's pretty simple so it's already there in my machine so i'm gonna click on connect is it account and press enter so it will just connect my azure account from the powershell itself and this is the outside powershell i'm using and for certificate generation i have to use that so i'm going to choose the tech with free account it's pretty simple again guys and the authentic authentication is complete you can see i can close this tab and now i'm connected to the azure account you will see a message in short you can see now we are connected to the is my account details now to generate the root certificate i'm going to use the code and i'll just give this link you can find this information very helpful from microsoft site this is the certificate for root certificate create a self signed root certificate and go to the powershell click on enter and my root certificate has successfully generated and and how do i know that it is generated i can just search for certificate you can see manage user certificate section and most of you are working in it familiar with this panel you can check your certificate here and i'll go to the personal certificates and you can see we have a certificate called p2s root cert that is a certificate we have right now installed and because i installed it or the in this power using powershell in this machine it is automatically get installed so in whichever machine you are going to install it's gonna install no problem on that okay and also i will quickly generate the client certificate i will just copy this and make sure you are using this i mean you did not close it because if you close it you have to follow another procedure so i'll just paste it here and this is the client certificate and this is the certificate that we require in the client machine so that they can connect our as your vpn or as your virtual network so again i will just go to the certificate manager and i will just refresh it and now you can see style certificate has successfully installed in my machine and also i will show you if you want to install it in another client machine in your office machine how you do that now now we know that in assured we have to give the certificate name and the public certification data and for that for the public certification data that thing we need to export this certificate this p2s root cert i'll click on right click and alt task and i'll go to the export here i'll choose next don't export the private key next i will choose the security as best 64 encoded choose next and i will locate it on my desktop itself so that i can show you and i'll name as root cert and i'll click on next finish the export was successful and you can see this is my certificate now i go to the azure portal and i will enter the certificate name root cert and the certification data for that i'll just go here and right click and i have to open it to notepad and you will see some later which you don't understand this kind of things so this is a encrypted data you could say i'll just copy it and i'll paste it here that's it your certificate root certificate is uploaded i'm going to click on the save button so now a point to site configuration has been done now azure has the information that this is the root certificate this is my root certificate so if any machine wants to connect that they have to has so they have to have a client certificate installed in their machine and in the client certificate itself will have the information about the root certificate so azure will authenticate that and will let you come to use the azure s8 vnet01 okay so in the meantime it is getting saved so i will also let you know or i will show you how you can export the client certificate also so again going to the certificate manager i'll just click on the child certificate same process export now here you have to do something like i will export with the private key and by exporting with the private key you have to mention a username password and why it is important let me just click on next now here you have to mention a password and that password will require when you will install that machine i install this certificate with an another machine now this is i installed in my local machine because i do not have another machine but if you want to install in another machine this file then you need to provide that password so make sure you remember this password someone want to click on next again i'll choose into the desktop and it would be client certificate client crt i want to save it click on next finish now you have this file and make sure it is saved as dot pfx file now any machine you want to any remote machine you want to uh from where you want to connect to the s8v net zero on azure virtual network you need to have this file in that machine and you need when you will just install it it will ask for the password and the same password you need to have given while exporting okay also in that client machine you need another soft another thing another piece of software and that is nothing but the vpn client software itself so i've already saved it and you can see there is option under the point to site configuration itself that is the download vpn client and this is the thing we will need to install in our client machine to use the vpn client so again this is less like a cisco any connect that you have in your machine to connect with to your office server so i'm going to click on download vpn client and i'm going to install it on the desktop again okay um i'll go to the desktop this is i will unzip it and after unzipping it um let's go there and i'll go to the windows amd 64 because this is the uh 64-bit machine i have so based on that you can install it according to your system so here this client i will click on and i'm going to say yes do you want to wish to install vpn client for said vnet zero one so you know it is identified already on virtual network i'll click on yes and this is the machine where i'm gonna try to connect to the vpn now and now here i will go to the network and internet and if i go to the vpn section you can see this is the vpn client that you have installed said v net zero one and once i hit the connect button it will connect to the it will go to the network gateway and it will connect to the sv net zero one i click on connect this is the azure vpn you can see click on connect and click on continue yes and within few seconds it would connect to you to your uh azure v net is it vin 01 you can see it is verifying the password for the child certificate and the child certificate or the client certificate is installed in my machine here we go it is now connected with srv1 and i'll show you the ipad just quickly if i go to the uh cmd and press ipconfig all now let's see the ip address we are having right now after going to the azv net zero one yes you can see the adapter is it very and our oip address 10.0.1.130 because that is the address pool that we have configured now let's prove that we are connected to the s8v net zero one for sure so this is how you can configure the point to site vpn and you can connect with this so i hope the video is found very helpful for you i hope you're gonna practice that because this is very very important for the azure certification exam especially for the azure administrator okay so if you find this video helpful guys hit the like button if you have any doubts come to the comment section and please share this video with your friends and family so that you can reach out to many people thank you see you in the next video bye bye take care [Music] you

Info

Channel: TechWithPri

Views: 608

Rating: undefined out of 5

Keywords: microsoft azure, azure tutorial for beginners, azure, azure vpn, azure vpn gateway, azure vpn gateway point to site, point to site vpn azure, configure point to site vpn azure, azure p2s vpn setup, point to site, Cloud, cloud computing course, microsoft azure tutorial for beginners

Id: wtrLparqino

Channel Id: undefined

Length: 14min 45sec (885 seconds)

Published: Mon Sep 20 2021