Sunday, July 20, 2014

Configure a Point-to-Site VPN in the Management Portal

Configuring a point-to-site connection takes multiple steps, but it’s a great way to have a secure connection from your computer to your virtual network without acquiring and configuring a VPN device. There are 3 main parts to configuring a point-to-site VPN: the virtual network and gateway, the certificates used for authentication, and the VPN client that is used to connect to your virtual network. The order in which you configure each of these is important, so don’t skip steps or jump ahead.
  1. Configure a virtual network and a dynamic routing gateway
  2. Create your certificates
  3. Configure your VPN client

A point-to-site connection requires a virtual network with a dynamic routing gateway. The steps below will walk you through creating both.

Create a virtual network

  1. Log in to the Windows Azure Management Portal.
  2. In the lower left-hand corner of the screen, click New. In the navigation pane, click Network Services, and then click Virtual Network. Click Custom Create to begin the configuration wizard.
  3. On the Virtual Network Details page, enter the following information, and then click the next arrow on the lower right. For more information about the settings on the details page, see the Virtual Network Details page.
    • Name – Name your virtual network, for example “VNetEast”. This is the name that you’ll refer to when you deploy VMs and PaaS instances to this VNet.
    • Location – The location is directly related to the physical location (region) where you want your resources (VMs) to reside. For example, if you want the VMs that you deploy to this virtual network to be physically located in East US, select that location. You can’t change the region associated with your virtual network after you create it.
  4. On the DNS Servers and VPN Connectivity page, enter the following information, and then click the next arrow on the lower right. For more information, see the DNS Servers and VPN Connectivity page.
    • DNS Servers – Enter the DNS server name and IP address, or select a previously registered DNS server from the dropdown. This setting does not create a DNS server; it lets you specify the DNS servers that you want to use for name resolution for this virtual network. If you want to use the Azure default name resolution service, leave this section blank.