#1 - Create and Configure: Windows Azure Virtual Network, Affinity Group and Point-to-Site (P2S) VPN

   

This post is Part #1 of the:

Windows Azure Monitoring over P2S VPN using System Center 2012 Operations Manager

Available here: https://blogs.technet.com/b/manageabilityguys/archive/2013/11/05/windows-azure-infrastructure-as-a-service-iaas-point-to-site-p2s-test-vpn-setup-virtual-machine-monitoring-over-p2s-vpn-by-using-system-center-2012-operations-manager.aspx

   

Windows Azure Infrastructure-as-a-Service currently provides two secure cross-premises connectivity options:

  • Site-to-Site VPN
  • Point-to-Site VPN

   

Like the site-to-site VPN, the point-to-site VPN allows you to create a secure connection to your virtual network.

   

In a point-to-site configuration, the connection is configured individually on each client computer that you want to connect to the virtual network.

   

The interesting part is that Point-to-site connections do not require a VPN device.

They work by using a VPN client that you install on each client computer. The VPN is established by manually starting the connection from the on-premises client computer. You can also configure the VPN client to automatically restart.

   

A point-to-site configuration would be worth considering when:

  • You only want to configure a few clients to connect to a virtual network site
  • You do not have access to a VPN device that meets the minimum requirements for a site-to-site connection
  • You do not have an externally facing IPv4 IP address for your VPN device

   

Note: At the time of this post's release, the point-to-site VPN is available in Preview. The content related to this feature is preliminary and may be subject to change by future updates within Windows Azure.

   

With that said:

   

Throughout this part I'll guide you through an overview of the important steps to create a Windows Azure Virtual Network as well as its related Affinity Group.

   

To create the Virtual Network we need to log on to the Windows Azure Management Portal.

   

Next, we click Networks > + New > Custom Create.

This will enable us to create the P2S Network.

   

In the example below, P2S-Network-1 is created along with the AG01 Affinity Group.

   

   

The next step is where we enable the Configure point-to-site VPN setting.

   

For the current scenario we will leave DNS Server settings as default.

For a production environment you may prefer a different DNS setup.

   

   

Then the Address Space to be used on the Point-to-Site VPN Connection is automatically populated.

   

   

In the last step, the Virtual Network Address Space and Subnet are automatically created as well.

For the current scenario we leave the default settings; however, we need to click add gateway subnet.

   

   

After adding the Gateway subnet we finish our Virtual Network configuration.

   

   

By clicking Networks in the Windows Azure Management Portal, we should now be able to see P2S-Network-1.
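To double-check the result of the steps above outside the portal, the following added example (not part of the original post) parses a network configuration file and verifies what a point-to-site setup needs: an affinity group, a gateway subnet, subnets inside the address space, and a VPN client address pool that does not overlap the virtual network. The address prefixes are constructed sample values and `check_p2s_site` is a hypothetical helper name; the XML layout assumes the classic Windows Azure network configuration schema.

```python
import ipaddress
import xml.etree.ElementTree as ET

URI = "http://schemas.microsoft.com/ServiceHosting/2011/07/NetworkConfiguration"
NS = {"n": URI}

# Constructed sample: names come from the post, address prefixes are illustrative.
SAMPLE_NETCFG = """<NetworkConfiguration xmlns="%s">
 <VirtualNetworkConfiguration><VirtualNetworkSites>
  <VirtualNetworkSite name="P2S-Network-1" AffinityGroup="AG01">
   <AddressSpace><AddressPrefix>10.0.0.0/8</AddressPrefix></AddressSpace>
   <Subnets>
    <Subnet name="Subnet-1"><AddressPrefix>10.0.0.0/11</AddressPrefix></Subnet>
    <Subnet name="GatewaySubnet"><AddressPrefix>10.32.0.0/29</AddressPrefix></Subnet>
   </Subnets>
   <Gateway><VPNClientAddressPool>
    <AddressPrefix>172.16.0.0/24</AddressPrefix>
   </VPNClientAddressPool></Gateway>
  </VirtualNetworkSite>
 </VirtualNetworkSites></VirtualNetworkConfiguration>
</NetworkConfiguration>""" % URI

def prefixes(parent, path):
    """Return the AddressPrefix values under `path` as ip_network objects."""
    return [ipaddress.ip_network(e.text.strip()) for e in parent.findall(path, NS)]

def check_p2s_site(netcfg_xml, site_name):
    """Return a list of findings; an empty list means the site is ready for P2S."""
    root = ET.fromstring(netcfg_xml)
    sites = root.iter("{%s}VirtualNetworkSite" % URI)
    site = next((s for s in sites if s.get("name") == site_name), None)
    if site is None:
        return ["site %s not found" % site_name]
    findings = []
    if not site.get("AffinityGroup"):
        findings.append("no affinity group set")
    space = prefixes(site, "n:AddressSpace/n:AddressPrefix")
    subnets = {s.get("name"): prefixes(s, "n:AddressPrefix")
               for s in site.findall("n:Subnets/n:Subnet", NS)}
    if "GatewaySubnet" not in subnets:
        findings.append("gateway subnet missing")
    for name, nets in subnets.items():
        for net in nets:
            if not any(net.subnet_of(a) for a in space):
                findings.append("subnet %s (%s) is outside the address space" % (name, net))
    pool = prefixes(site, "n:Gateway/n:VPNClientAddressPool/n:AddressPrefix")
    if not pool:
        findings.append("point-to-site client address pool missing")
    for net in pool:
        if any(net.overlaps(a) for a in space):
            findings.append("client pool %s overlaps the virtual network" % net)
    return findings

if __name__ == "__main__":
    print(check_p2s_site(SAMPLE_NETCFG, "P2S-Network-1"))
```

An empty list for the sample means the site passes all four checks; each finding string names the setting to revisit in the portal.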

   

   

   

Next Part:

#2 - Create, Export and Upload P2S VPN Root Certificate