Azure-hosted VPN for Remote dev teams

I need a VPN solution that is based on Azure.
We’re a small tech development team, with 3 offices, and engineers often working remotely.

I’m trying to set up a VPN to further secure my resources on Azure. We also have a development machine (Mac) sitting in one of our offices that needs to be made available to remote dev teams over a LAN (i.e. want to be able to SSH/RDP in). Ideally when this Mac boots up, it should automatically VPN in, maybe using a certificate or something.

Here are my requirements:

  1. VPN Client should work on both Windows and Mac
  2. Users can either log in using an Azure Active Directory account OR a certificate
  3. Would like to minimize the running of any servers (down to 0 if possible). Prefer to use PaaS over IaaS.

I’ve done this kind of setup on OpenVPN before — I can always do that, but I don’t want to manage VMs. Trying to figure out if this is possible on Azure.

Seems like I can do Point-to-Site connectivity, but there’s no clear information on whether a Mac client is supported (seems officially, no), but has anyone reverse engineered the client to make it work on the Mac?

UPDATE:
Ok, maybe the question got downvoted because what I’m asking for is unclear. My question is this:

Can anyone share details if they have a working setup of Azure VPN, with Point-to-Site client connections from both Windows AND Mac? If not, some other equivalent solution that doesn’t involve having to spin up a full-blown Linux/Windows machine?

Answer

Can anyone share details if they have a working setup of Azure VPN, with Point-to-Site client connections from both Windows AND Mac?

In brief, you need to find an SSTP VPN client supporting certificate-based authentication.

The Azure P2S VPN is an SSTP VPN and it only supports certificate-based authentication. To find the hostname of the Azure VPN gateway, please install the Azure VPN package on a Windows client and check the entries in the pbk file. The path of the pbk file is “%appdata%\Microsoft\Network\Connections\Pbk”.

Here is the screenshot of my lab:

[Screenshot: pbk]

Attribution
Source : Link , Question Author : tejas , Answer Author : Steven Lee – MSFT
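
The pbk lookup described in the answer can be scripted. The following is an added example, not part of the original answer or Microsoft's tooling: it assumes the phonebook's INI-like layout with the server address in the `PhoneNumber` key, and the sample entry and hostname are constructed placeholders.

```python
import os
from pathlib import Path

# Constructed sample in the phonebook's INI-like layout (assumed, not from the page).
SAMPLE_PBK = """\
[Example-VNet]
Encoding=1
Type=2

MEDIA=rastapi
Port=VPN2-0
Device=WAN Miniport (SSTP)

DEVICE=vpn
PhoneNumber=azuregateway-placeholder.example.invalid

[Other-Entry]
Type=2
DEVICE=vpn
PhoneNumber=
"""

def parse_pbk(text):
    """Return {entry: {"servers": [...], "devices": [...]}} for each [entry].

    Device/DEVICE repeat inside one entry, which configparser rejects as
    duplicate options, so the lines are walked by hand.
    """
    entries, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            current = entries.setdefault(line[1:-1], {"servers": [], "devices": []})
        elif current is not None and "=" in line:
            key, _, value = line.partition("=")
            key, value = key.strip().lower(), value.strip()
            if key == "phonenumber" and value:
                current["servers"].append(value)
            elif key == "device" and value:
                current["devices"].append(value)
    return entries

def gateway_hosts(text):
    """Only the entries that carry a server address, as {entry: [hosts]}."""
    return {n: e["servers"] for n, e in parse_pbk(text).items() if e["servers"]}

if __name__ == "__main__":
    # Folder named in the answer; falls back to the constructed sample elsewhere.
    folder = Path(os.environ.get("APPDATA", ""), "Microsoft", "Network", "Connections", "Pbk")
    files = sorted(folder.glob("*.pbk")) if folder.is_dir() else []
    for f in files:
        print(f.name, gateway_hosts(f.read_text(errors="replace")))
    if not files:
        print(gateway_hosts(SAMPLE_PBK))
```

The `devices` list shows which tunnel type an entry uses, so an SSTP entry can be told apart from other VPN entries in the same phonebook before its hostname is copied into a third-party client.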
