VPN server deployment 2 – Integrating On-Premises Networks with Azure

2021-01-042021-01-04| Zoe PetersonVPN server deployment 2 – Integrating On-Premises Networks with Azure| 0 Comment| 10:16 AM
Categories :
  1. On the Add roles and features wizard, click Next.
  2. Select Role-based or feature-based installation. Click Next.
  3. Click Next again.
  4. Select Remote Access and click Next:

Figure 17.9 – Remote Access feature

  1. For the Features and Remote Access pages, click Next.
  2. For Role Services, select Direct Access and VPN (RAS). Then, click Add Features on the pop-up window that appears. Click Next.
  3. Click Next until you get to the confirmation screen and click Install.
  4. Before closing the wizard, click Open the Getting Started Wizard:

Figure 17.10 – Open the Getting Started Wizard

  1. Click Deploy VPN only.
  2. Right-click on the Start button and click Computer Management:

Figure 17.11 – Right-click on Start

  1. Click on Device Manager, then click on Action on the top menu, and click Add legacy hardware:

Figure 17.12 – Device Manager

  1. On the wizard, click Next. Then click Install the hardware that I manually select from a list (Advanced) on the subsequent screen. Click Next:

Figure 17.13 – Installing hardware

  1. Scroll down to select Network adapters and click Next.
  2. Select Microsoft under Manufacturer, and then Microsoft KM-TEST Loopback Adapter under Model:

Figure 17.14 – Adding a loopback adapter

  1. Click Next, then click Finish on the screens that follow. Close the Computer Management window.
  2. On the Routing and Remote Access window, right-click on your server and click Configure and Enable Routing and Remote Access on the pop-up window:

Figure 17.15 – Configure routing feature

  1. On the next wizard, click Next. Select the Virtual private network (VPN) access and NAT option. Click Next:

Figure 17.16 – VPN and NAT

  1. Select the Ethernet interface (which will show the 99.0.0.0 range next to it). Click Next:

Figure 17.17 – Ethernet interface

  1. For IP Address Assignment, select From a specified range of addresses. Click Next:

Figure 17.18 – IP Assignment on VPN

  1. Click New…. Specify as follows and click OK. Click Next:

Figure 17.19 – New IPv4 range

  1. Leave the next selection as No and click Next:

Figure 17.20 – RADIUS server configuration

  1. Click Finish. You will get warned about your firewall and you will be required to open port 4500 and 500 UDP on both inbound and outbound on the server through the Windows Defender Firewall with Advanced Security window.
  2. When the following screen pops up, click OK:

Figure 17.21 – DHCP option

  1. Click the Start button and then Windows Security:

Figure 17.22 – Windows Security

  1. Click Firewall & network protection on the left, thenclick Advanced settings on the right:

Figure 17.23 – Firewall and network protection

  1. Click Inbound Rules on the left and thenNew Rule… on the right:

Figure 17.24 – New Inbound Rule

  1. Select Port and click Next.
  2. You can configure the rule as follows, and click Next:

Figure 17.25 – UDP rule

  1. Click Allow the connection and then click Next.
  2. Click Next again, leaving Domain, Private and Public selected.
  3. Enter Name as VPNGW-inbound. Click Finish.
  4. Repeat the process for outbound, changing the name to VPNGW-outbound, and ensure that you select Allow the connection.
  5. Navigate back to the Interfaces and click

Routing and Remote Access window. Right-click on Network New Demand-dial Interface…:

Figure 17.26 – New Demand-dial Interface

  1. Click Next, then change the name to Azure VPN, and click Next.
  2. Select Connect using virtual private network (VPN) and click Next.
  3. Select IKEv2 and click Next.
  4. Enter the IP address of the VPN gateway from Azure. Click Next on this and the next screen.
  5. Click Add, then enter the following and click OK (if your VNet associated with the VPN gateway is a /16 range, then your subnet is 255.255.0.0; if it is a /24 range, then it is 255.255.255.0). Click Next:

Figure 17.27 – Static route

  1. Click Next, then Finish.
  2. Right-click Azure VPN and click Properties.
  3. Click the Security tab and then click Use preshared key for authentication. Generate a key you would like to use as a secret for the S2S connection, paste it into the Key field, and click OK:

Figure 17.28 – IKEv2 key

You have just configured your VPN server for the VPN gateway in Azure. Next, we will configure the Azure VPN Gateway side to establish an S2S connection.

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Post

Testing the load balancer – Configuring Load Balancing

2022-05-202022-05-20 Zoe PetersonTesting the load balancer – Configuring Load Balancing

Testing the load balancer To test the load balancer, we need to obtain its public [...]

Read MoreRead More

Azure VPN Gateway – Integrating On-Premises Networks with Azure

2021-08-102021-08-10 Zoe PetersonAzure VPN Gateway – Integrating On-Premises Networks with Azure

Azure VPN Gateway Azure VPN Gateway provides a secure gateway that can be used for [...]

Read MoreRead More

Features and capabilities – Configuring Load Balancing

2023-08-102023-08-10 Zoe PetersonFeatures and capabilities – Configuring Load Balancing

Features and capabilities Azure Load Balancer offers several features and capabilities as part of its [...]

Read MoreRead More