You are on page 1of 1

How to Create a Point to Site VPN to Azure Virtual Network

Step by Step Tutorial

1) Create a Virtual Network


0) Named - VNET-01
1) Address Space - 10.10.0.0/16
2) Subnet - 10.10.10.0/24
2) Create a GatewaySubnet within the Virtual Network
1) GatewaySubnet - 10.10.1.0/24
3) Create a Virtual Network Gateway
1) Associate to Virtual Network VNET-01
2) This takes Azure 45 minutes to complete
4) Create a VM within the Virtual Network VNET-01
5) Create the Root VPN Certificate
1) Download Windows SDK if neccessary - https://developer.microsoft.com/en-us...
2) Go to Directory - C:\Program Files (x86)\Windows Kits\10\bin\x86
3) Run Command - makecert -sky exchange -r -n "CN=AzureVpnRootCert" -pe -a
sha1 -len 2048 -ss My "AzureVpnRootCert.cer"
4) Run CertMgr to Convert to BASE64 - certmgr.msc
5) Find Cert in Personal\Certificates and Export to BASE64 without Password
6) Open Base64 Cert in Text Editor, put in one line and paste into Azure
Root Cert Settings
6) Create the Client Certificate
1) Command - makecert.exe -n "CN=AzureVpnClientCert" -pe -sky exchange -m
96 -ss My -in "AzureVpnRootCert" -is my -a sha1
2) Run CertMgr to Convert to PFX file - certmgr.msc
3) Find Cert in Personal\Certificates and Export to BASE64 with Password
4) This pfx file must be installed and distributed to users with VPN
Software
7) Get up Gateway Point to Site Setting
1) Address Space - 172.20.20.0/24
2) Set up Root Certificate
a) Name - AzureVPN
b) Cert -
MIIDCDCCAfSgAwIBAgIQaJWEScsSKplBONYqfhQDZjAJBgUrDgMCHQUAMBsxGTAXBgNVBAMTEEF6dXJlVnB
uUm9vdENlcnQwHhcNMTYxMjE5MDg0MjM5WhcNMzkxMjMxMjM1OTU5WjAbMRkwFwYDVQQDExBBenVyZVZwbl
Jvb3RDZXJ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1J2+mypZtKY/XHrPl3NE2a0I+YacS
goji4smnrciF5M621hrJMLXLTwTLP0Y/zVgxqXnbB/xEfJrccYqZgBwzrvKHH609RARiIpJYpdyomBFCvsv
iZRJK+FRZn9es3BUnhlGYlEG1lidZbeUHVEf2MSc8QSZOm6OWvE/DYYjQ3gyUHl2wndsU8AppaHqRFiLuKA
108IlDrPGMpaS/u+zFsfn9vTWE0m2aJgp6JBhB8OEiggx93Nn8KaYtb1Y5Pp5kTFAzGHC35Yt0W639xJn56
/cEjrItqfbQ2jgOAPYk9mr0VF3v54Tq8qZAmTOrD/SxLzCJTI9yFz05Pg/lwNWaQIDAQABo1AwTjBMBgNVH
QEERTBDgBAYnN+hUpyAO1rkJ0aH9zTmoR0wGzEZMBcGA1UEAxMQQXp1cmVWcG5Sb290Q2VydIIQaJWEScsS
KplBONYqfhQDZjAJBgUrDgMCHQUAA4IBAQA4KHuby1KLyEtGVOxIgxk+eJDf76wbtCrbYEVyiULV+NcHgy+
zb7PXHXFT6Rn24aqF3tmzqvrw3GSqUWaXOb3B5a4OSTa+kG0flXl1bLwJLUyizA5wmL2aDM5JlliTiuYviY
DYCoO43f3+kINvQ0iVclHwPPZWk9gkZ0XYBBzDu5lJtNazG8RBvR9Kxs84rWBt8rGOa/0/qLewIIN60pzaF
GJ83BSqzR9XTt+AxE9fiGhrPgn11yZsnT2RUeP/N5R3t4iTMnZQ2yriTI1sjS5hSnhjkPhiyC3SFpcRUtB6
CXWB8mx2L2JqXZeZbUzGR+uK0GppTFsqm8Q7IDpFyaJJ
8) Download VPN Software
9) Install Client Cert
1) Right Click On Client Certificate, Click Install
2) Install VPN Software
10) Connect VPN via Network Connections