If it hasn't already been pointed out, at 5:39 it says to select User VPN configuration. The wording has changed in the portal to Point-to-site configuration.
Great content. I loved the fact that you go directly to the central point of the video and still is able to deliver the details necessary to get the job done.
Thank you for this! No where in Microsoft documentation (that I could find) explained what the audience and issuer values needed to be so I was sitting here pulling my hair out until I found your video. Thank you!
Did you find out where audience comes from and is it just some magical value identical to everyone (unlikely) or specific value to the tenant or AAD and if yes where do we lift that off of?
Thanks a million, helpled me a lot, however, I have a question about authentication. I've removed the user from the group to see if he could still login or not, but the user could still establish a connection, I've tested with another user that was never a member of the allowed group, and it couldn't access, which means that my setup on the Azure VPN app is correct. Though, I've even disabled that test account, so it was unable to loginto the Azure portal, however, it's still able to VPN!!!! how to fix this please, other wise I can't have this feature in production, unsafe. Thank you!
Thanks for this amazing post. Is there a way to force MFA for all VPN connections (as opposed to the just the original connection)? Ideally, when i remove a user from the group, I don't want them to still be able to connect to the VPN. Currently, when i remove a user from the group, that user can still connect to the VPN. Is there a way to force MFA for all VPN connections? Currently, theres a cookie on the client machine that will allow them to connect even after the user is removed from the group. I want to enforce for all VPN connections MFA (and not only during the initial connection). Also, I followed this youtube video setup for context
Enjoy your videos Travis and learning a lot. One question my boss is asking is if the speed, latency and connection, is any different between regular RDP or using the VM? Thanks.
Hi, Thanks so much for the video! I have a question, would you say it's best practice to set up a separate VNG with your Azure resources your VNG used for your VPN? Or does it not make a difference. I hope my question makes sense.
Fabulous video, got me thru the process - very appreciative of your professional delivery too, clear and quick, covers all the bases without meandering. But can you help with one more question - what now? I can connect my user to the Azure gateway over VPN , but how do I get them to see their remote application on the VM? Thanks again.
This is great to get this stuff configured but doing these exact steps doesn't wire up dns to your vnet. I've done all of the steps and I can connect but I can't resolve any dns names in the vnet.
Hi Travis. Great Content. Love the delivery. I just have one question. Can I use the same GW as a Site to Site active VPN for my Azure to Site VPN or is it a must that I create a new GW?
Hi Travis, another great video. I do have a question, I couldn't get this to work. I currently have the VPN set to certificate based based on one of your other videos. I removed that then followed this tutorial so that login would be user based. At the point where you install the VPN client and import the xml file and test the VPN connection (before enabling MFA) my client fails with the following error "Server did not respond properly to VPN Control Packets. Session State: Key Material sent", any ideas? Did I not release the cert version before creating this one?
Thank you! If i already have a site to site vpn can i go into that and enable the point to site? Or do you need to create a new VPN just for the point to site? Awesome info
Hi Travis. Thanks for this video. Supper helpful and easy to understand. Can the give admin consent step and restrict vpn to group step don via terraform?
Hello Travis, awesome videos. I have a question, is there any option instead to use Local administrator permissions to connect? Most of my users are configured as Standard users.
That’s so cool! Almost to easy. I’m wondering if the azure app config can be deployed with Endpoint manager? The app wouldn’t be the problem, just wondering on the config.
Hi , your channel is really useful. I have one question....after log in with some user say test1 when I disconnect and connect again it does not require MFA. Is there any way I can force vpn client to ask for MFA everytime I hit connect , like when we use Connect-AzAccount it does not save token and ask for MFA each time.
@@jesuspenaranda585 yes jesus, I saw that in conditional access. But is there any other way via which I can reduce this time or change configuration to not save token values after disconnecting vpn.
I have a number of different virtual networks in my Azure, all with servers behind them. Currently the ports to remote desktop to the servers are locked to my home IP address but I need other people to also have access. Thanks to this video I have successfully setup VPN connections but how do I configure each networks file to allow access on some ports to VPN users?
Thank you, this video was instrumental in helping me configure and install a Client - Virtual Server App. I followed the video regarding the IP / Subnet Addresses and got it to work but any suggestions to better understand the logic behind this without having to become a network engineer?
This is a great video guide. I was able to setup a P2S vpn easily just by following the steps from this video. Could you please help me with connecting to another vnet which has a gateway and is used to connect to on premise network. The other vnet has VMs in it. I want the P2S vpn users to access the resources available in that other vnet. Both resource groups are in the same region and under same subscription.
Azure VPN for P2S with MFA is ridiculously expensive at $6/user a month. Not sure if I can justify spending $10k/year for MFA. Might just end up not implementing MFA, even though we currently use MFA for onprem. (Edit: It looks like as of 5/14/2021 MFA is free for Azure VPN and no P1 license for users are needed)
Ok but you didn't go over how to VPN to the server after setting up Azure VPN Client. it still prompts me for a server username and password when mapping the drive.
Anyone help out. I have done this in the past with no issue following this video, now a separate instance and It will not connect after setting up VPN client. always fails to connect with "server did not respond properly to VPN control packets" key material sent.. Time on my PC is 100% I triple checked my settings, all seem fine?
Thank you for this content. However, I am disconnected from internet while I am connected to vpn- gateway through azure vpn client. How to solve this? I can't use Azurevpn p2s with AzureAD if I cant use internet at the same time. Thanks in advance.
Yes, it can. All you have to do is to add the address pool of the point to site in the on-premise firewall device and add the address space in the PC, once added, you have to disconnect the point to site and connect and you will be able to reach Azure and Onpremise.
This is an awesome demo and got me thinking perhaps a solution for updating remote users cached credentials on their PC after remote user reset their password via SSPR.. :)
This VPN did not change my public IP address. Is there any way to use this VPN (or any other VPN which can be used to connect azure VNet) to change my public IP address?
Hi Travis your Videos are Amazing!!! I wanted to know how can i copy data from Oracle On-prem to Blob storage in Virtual network with out using integration runtime. Can it be possible?
Hi, thanks for this video. I am getting error "Vpn client configuration AAD Audience is not valid for gateway. AAD Audience must be a Guid.". But i double checked, audience code is correct. It is same with yours also i can copy it from my Azure VPN as well. But i am getting this error, any idea? Thank you!
Hello Travis, Thank you for all your videos :) While connecting to VPN the device throws error "Connecting to VPN server failed with exception: No such host is known." however the diagnostics doesnt show any error. Do you happen to know about the issue?
Here comes the old Microsoft again...Active Directory configuration only supports a Windows only client. Useless for everyone except the smallest Microsoft only shops.
I have a VNET peered to my AADDS VNET and i specify custom DNS servers. When I connect to the Azure VPN client, I lose name resolution on my laptop. Any recommendations on this issue?
