VPN Gateway

https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-point-to-site-rm-ps#creategateway 

A VPN gateway must have a Public IP address. You first request the IP address resource, and then refer to it when creating your virtual network gateway. The IP address is dynamically assigned to the resource when the VPN gateway is created. VPN Gateway currently only supports Dynamic Public IP address allocation.

Generate Certificates – Root and Client

  • Certificates are used by Azure to authenticate VPN clients for Point-to-Site VPNs. You upload the public key information of the root certificate to Azure. The public key is then considered ‘trusted’.
  • Client certificates must be generated from the trusted root certificate, and then installed on each client computer in the Certificates-Current User/Personal certificate store.
  • Root Certificate – You can use either a root certificate that was generated using an enterprise solution (recommended), or you can generate a self-signed certificate.
  • After creating the root certificate, export the public certificate data (not the private key) as a Base-64 encoded X.509 .cer file and upload the public certificate data to Azure.

Creating a VNET

  • Create a Resource Group – New-AzureRmResourceGroup -Name $RG -Location $Location
  • Create the subnet configurations for the VNET – e.g. Public, Private and Gateway Subnet
  • Create a Virtual Network – New-AzureRmVirtualNetwork -Name $VNetName -ResourceGroupName $RG -Location $Location -AddressPrefix $VNetPrefix1,$VNetPrefix2 -Subnet $fesub, $besub, $gwsub -DnsServer 10.2.1.3
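
The steps above as one script, in the order Azure needs them (VNET, public IP, gateway, then root certificate upload). This is an added example, not code from the original post: the resource names, address ranges and client address pool are constructed sample values, and it assumes an authenticated AzureRM session on a Windows machine.

```powershell
# Constructed sample values (names and address ranges are assumptions).
$RG = "TestRG"; $Location = "East US"; $VNetName = "VNet1"; $GWName = "VNet1GW"
$VNetPrefix1 = "192.168.0.0/16"; $VNetPrefix2 = "10.254.0.0/16"
$RootCertName = "P2SRootCert"

New-AzureRmResourceGroup -Name $RG -Location $Location

# Subnet configurations. Azure requires the gateway subnet to be named "GatewaySubnet".
$fesub = New-AzureRmVirtualNetworkSubnetConfig -Name "FrontEnd" -AddressPrefix "192.168.1.0/24"
$besub = New-AzureRmVirtualNetworkSubnetConfig -Name "BackEnd" -AddressPrefix "10.254.1.0/24"
$gwsub = New-AzureRmVirtualNetworkSubnetConfig -Name "GatewaySubnet" -AddressPrefix "192.168.200.0/24"

$vnet = New-AzureRmVirtualNetwork -Name $VNetName -ResourceGroupName $RG -Location $Location `
    -AddressPrefix $VNetPrefix1,$VNetPrefix2 -Subnet $fesub,$besub,$gwsub -DnsServer 10.2.1.3

# Request the public IP resource first (Dynamic allocation), then refer to it in the gateway.
$pip = New-AzureRmPublicIpAddress -Name "VNet1GWPIP" -ResourceGroupName $RG `
    -Location $Location -AllocationMethod Dynamic
$subnet = Get-AzureRmVirtualNetworkSubnetConfig -Name "GatewaySubnet" -VirtualNetwork $vnet
$ipconf = New-AzureRmVirtualNetworkGatewayIpConfig -Name "gwipconf" `
    -Subnet $subnet -PublicIpAddress $pip
New-AzureRmVirtualNetworkGateway -Name $GWName -ResourceGroupName $RG -Location $Location `
    -IpConfigurations $ipconf -GatewayType Vpn -VpnType RouteBased -GatewaySku VpnGw1

# Point-to-Site clients draw their addresses from this pool (sample range).
$gw = Get-AzureRmVirtualNetworkGateway -ResourceGroupName $RG -Name $GWName
Set-AzureRmVirtualNetworkGateway -VirtualNetworkGateway $gw -VpnClientAddressPool "172.16.201.0/24"

# Self-signed root certificate (an enterprise-issued root is the recommended alternative).
$root = New-SelfSignedCertificate -Type Custom -KeySpec Signature -Subject "CN=$RootCertName" `
    -KeyExportPolicy Exportable -HashAlgorithm sha256 -KeyLength 2048 `
    -CertStoreLocation "Cert:\CurrentUser\My" -KeyUsageProperty Sign -KeyUsage CertSign

# Client certificate signed by the root; the EKU restricts it to client authentication.
New-SelfSignedCertificate -Type Custom -DnsName "P2SChildCert" -KeySpec Signature `
    -Subject "CN=P2SChildCert" -KeyExportPolicy Exportable -HashAlgorithm sha256 -KeyLength 2048 `
    -CertStoreLocation "Cert:\CurrentUser\My" -Signer $root `
    -TextExtension @("2.5.29.37={text}1.3.6.1.5.5.7.3.2")

# RawData holds only the DER-encoded public certificate; the private key stays in the store.
$publicCertData = [System.Convert]::ToBase64String($root.RawData)
Add-AzureRmVpnClientRootCertificate -VpnClientRootCertificateName $RootCertName `
    -VirtualNetworkGatewayName $GWName -ResourceGroupName $RG -PublicCertData $publicCertData
```

Anyone holding the root private key can mint client certificates the gateway will accept, so keep that key off client machines and distribute only the signed client certificates.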

Anuj holds professional certifications in Google Cloud, AWS as well as certifications in Docker and App Performance Tools such as New Relic. He specializes in Cloud Security, Data Encryption and Container Technologies.


Anuj Varma – who has written posts on Anuj Varma, Hands-On Technology Architect, Clean Air Activist.