Azure Point-to-Site VPN with Azure AD Authentication and MFA

This video goes over how to deploy an Azure VNet Gateway on an existing VNet and enable Point-to-Site (P2S) VPN connections that use Azure AD to authenticate the client. A P2S connection lets a client connect securely to the Azure gateway and reach resources on the private VNet. The video goes on to demonstrate how to enable Multi-Factor Authentication, either with a Conditional Access policy or by enforcing MFA per user.

Links

Azure P2S VPN with Certificate Authentication:
https://www.ciraltos.com/azure-point-to-site-vpn-with-certificate-based-authentication/

Link to Grant Admin Consent:

https://login.microsoftonline.com/common/oauth2/authorize?client_id=41b23e61-6c1e-4545-b367-cd054e0ed4b4&response_type=code&redirect_uri=https://portal.azure.com&nonce=1234&prompt=admin_consent

Azure AD Authentication Configuration Settings

Tenant:
https://login.microsoftonline.com/<Tenant_ID>/

Audience:
41b23e61-6c1e-4545-b367-cd054e0ed4b4

Issuer:
https://sts.windows.net/<Tenant_ID>/

Source Link (Step 9)
https://docs.microsoft.com/en-us/azure/vpn-gateway/openvpn-azure-ad-tenant
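The same gateway configuration the video performs in the portal, done with the Az.Network PowerShell module and the Tenant, Audience and Issuer values listed above. This is an added example, not code from the video or the linked Microsoft article; the resource group, gateway name, tenant ID and client address pool are placeholders you must replace.

```powershell
# Added example: enable Azure AD authentication for P2S OpenVPN on an existing
# VNet gateway. Placeholders (assumptions): $ResourceGroup, $GatewayName,
# $TenantId and $ClientPool.
$ResourceGroup = "rg-vpn"            # assumption: resource group of the gateway
$GatewayName   = "vnetgw-p2s"        # assumption: name of the existing VNet gateway
$TenantId      = "<Tenant_ID>"       # your Azure AD tenant ID (GUID)
$ClientPool    = "172.16.201.0/24"   # assumption: P2S pool, must not overlap the VNet

# Values from the page. The audience is the Azure VPN enterprise application ID,
# which is the same in every tenant; tenant and issuer are tenant-specific, so a
# token from another tenant is rejected by the gateway.
$AadTenant   = "https://login.microsoftonline.com/$TenantId/"
$AadAudience = "41b23e61-6c1e-4545-b367-cd054e0ed4b4"
$AadIssuer   = "https://sts.windows.net/$TenantId/"

Connect-AzAccount | Out-Null

$gw = Get-AzVirtualNetworkGateway -Name $GatewayName -ResourceGroupName $ResourceGroup

# Azure AD authentication is only supported with the OpenVPN tunnel type.
Set-AzVirtualNetworkGateway -VirtualNetworkGateway $gw `
    -VpnClientAddressPool $ClientPool `
    -VpnClientProtocol OpenVPN `
    -VpnAuthenticationType AAD `
    -AadTenantUri $AadTenant `
    -AadAudienceId $AadAudience `
    -AadIssuerUri $AadIssuer | Out-Null

# Read the configuration back and check that the gateway really validates tokens
# against this tenant's issuer and the expected audience before handing out the
# client profile.
$cfg = (Get-AzVirtualNetworkGateway -Name $GatewayName `
            -ResourceGroupName $ResourceGroup).VpnClientConfiguration
if ($cfg.VpnAuthenticationTypes -notcontains "AAD") {
    throw "AAD authentication is not enabled on $GatewayName"
}
if ($cfg.AadIssuer -ne $AadIssuer -or $cfg.AadAudience -ne $AadAudience) {
    throw "AAD issuer or audience on $GatewayName does not match the expected values"
}
"$GatewayName P2S auth: $($cfg.VpnAuthenticationTypes -join ','), issuer $($cfg.AadIssuer)"
```

MFA is not configured here: it is enforced by the Conditional Access policy (or per-user MFA) on the Azure VPN enterprise application, which is what the admin-consent link above registers in the tenant.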
