Creating a Point-to-Site Connectivity using Azure Resource Manager

01Sep

Creating a Point-to-Site Connectivity using Azure Resource Manager

Karanmeet Singh | Microsoft Azure | Microsoft Azure | 0 Comments | Return

Configure a Point-to-Site connectivity to a VNet using PowerShell (ARM Mode)

Task 1: Create a Self-Signed certificate

1.	Login to your Visual Studio Virtual Machine using your credentials. Create a folder C:\P2S Certificates.
2.	Navigate to C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012\Visual Studio Tools and Run VS2012 x64 Cross Tools Command Prompt as an administrator.
3.	Run cd C:\P2S Certificates.
4.	Run the command: makecert -sky exchange -r -n "CN=RootCertificateName" -pe -a sha1 -len 2048 -ss My "RootCertificateName.cer"
5.	Verify that your certificate is there in the folder C:\P2S Certificates

Task 2: Copy and store the Public Key of the root certificate in a safe location

1.	Go to Run and type certmgr.msc. Click Run
2.	In the certmgr window, expand Personal and click on Certificates. Right click the certificate RootCertificateName àAll Tasks à Export
3.	In the Certificate Export Wizard, click Next -> No, do not export the private key -> Next
4.	Choose Base-64 encoded X.509 (.CER) format and then click Next. In the next window, enter C:\P2S Certificates\PublicKey.cer and then click Next.
5.	Click Finish and then click OK
6.	Verify that the PublicKey.cert file is there in the folder C:\P2S Certificates

Task 3: Copying Public Key in a new notepad file

1.	Right click the PublicKey.cert file and open with notepad.
2.	Remove ------BEGIN CERTIFICATE and -----END CERTIFICATE-----
3.	Start removing the spaces from the bottom left corner. Repeat until you get a straight line of the Text in the notepad.
4.	Save the file as PublicKeyText.txt in the same folder.

Task 4: Creating a New Virtual Network with VPN Gateway using Azure PowerShell

1.	Open Azure PowerShell on your PCs and type Login-AzureRmAccount
2.	Enter your azure credentials and click on Sign in
3.	Choose a subscription by running the cmdlet Get-AzureRmSubscription
4.	Select that subscription by running the cmdlet Select-AzureRmSubscription -SubscriptionName "Name of subscription". Replace the “Name of Subscription” with the subscription name you chose in previous step.
5.	Copy the below script in a new notepad file $VNetName = "MyName-VNET4" #Replace MyName with YourName $FESubName = "FrontEnd" $BESubName = "Backend" $GWSubName = "GatewaySubnet" $VNetPrefix1 = "182.168.0.0/16" #Replace 168 with your Attendee number $VNetPrefix2 = "12.254.0.0/16" #Replace 254 with your Attendee number $FESubPrefix = "182.168.1.0/24" #Replace 168 with your Attendee number $BESubPrefix = "12.254.1.0/24" #Replace 168 with your Attendee number $GWSubPrefix = "182.168.200.0/26" #Replace 168 with your Attendee number $VPNClientAddressPool = "172.16.201.0/24" $RG = "MyName-RG" #Replace MyName with YourName $Location = "Central US" $DNS = "8.8.8.8" $GWName = "MyNameGW4" #Replace 4 with your Attendee number $GWIPName = "GWIP4" #Replace 4 with your Attendee number $GWIPconfName = "gwipconf4" #Replace 4 with your Attendee number $P2SRootCertName = "ARMP2SRootCert4.cer" #Replace 4 with your Attendee number $fesub = New-AzureRmVirtualNetworkSubnetConfig -Name $FESubName -AddressPrefix $FESubPrefix $besub = New-AzureRmVirtualNetworkSubnetConfig -Name $BESubName -AddressPrefix $BESubPrefix $gwsub = New-AzureRmVirtualNetworkSubnetConfig -Name $GWSubName -AddressPrefix $GWSubPrefix New-AzureRmVirtualNetwork -Name $VNetName -ResourceGroupName $RG -Location $Location -AddressPrefix $VNetPrefix1,$VNetPrefix2 -Subnet $fesub, $besub, $gwsub -DnsServer $DNS $vnet = Get-AzureRmVirtualNetwork -Name $VNetName -ResourceGroupName $RG $subnet = Get-AzureRmVirtualNetworkSubnetConfig -Name "GatewaySubnet" -VirtualNetwork $vnet $pip = New-AzureRmPublicIpAddress -Name $GWIPName -ResourceGroupName $RG -Location $Location -AllocationMethod Dynamic $ipconf = New-AzureRmVirtualNetworkGatewayIpConfig -Name $GWIPconfName -Subnet $subnet -PublicIpAddress $pip $MyP2SRootCertPubKeyBase64 = "Paste your Public Key Here" $p2srootcert = New-AzureRmVpnClientRootCertificate -Name $P2SRootCertName -PublicCertData $MyP2SRootCertPubKeyBase64 New-AzureRmVirtualNetworkGateway -Name $GWName -ResourceGroupName $RG -Location $Location -IpConfigurations $ipconf -GatewayType Vpn -VpnType RouteBased -EnableBgp $false -GatewaySku Standard -VpnClientAddressPool $VPNClientAddressPool -VpnClientRootCertificates $p2srootcert
6.	Replace the Values as specified in the comments
7.	Paste your Public Key Obtained from Task 3 in the double quotes of $MyP2SRootCertPubKeyBase64 variable.
8.	Save the file as CreateVNetWithCertificate.ps1
9.	Run PowerShell ISE as an administrator and run the above Script.
10.	Wait for a couple of minutes for the script to take its required action. Your output should be similar to this:

Task 5: Downloading the VPN Client Configuration Package

1.

In the same PowerShell_Ise window, run the cmdlet:

Get-AzureRmVpnClientPackage -ResourceGroupName $RG -VirtualNetworkGatewayName $GWName -ProcessorArchitecture Amd64

2.

Copy the URL from the output and run it in your browser.

3.

Save the client certificate in a safe location lets say C:\P2S Certificates.

Task 6: Generating and Installing the Client Certificate from the Root Certificate

1.	Navigate to C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012\Visual Studio Tools and Run VS2012 x64 Cross Tools Command Prompt as an administrator.
2.	Run cd C:\P2S Certificates.
3.	Run the command: makecert.exe -n "CN=ClientCertificateName" -pe -sky exchange -m 96 -ss My -in "RootCertificateName" -is my -a sha1
4.	Open Run using Win + R and Open certmgr.msc
5.	Expand Personal -> Certificate. Right click ClientCertificateName -> All Tasks -> Export.
6.	Click Next and then Select Yes, export the private key and then click Next
7.	Follow the further steps as described in the image below. Type Passwords as Desired.
8.	Select the directory to C:\P2S Certificates to store the certificate with name PrivateKey.pfx. Click Finish then. 16.
9.	Click OK.
10.	Confirm that the file is exported in the directory C:\P2S Certificates
11.	Double click the file and follow the procedures to Install.
12.	Enter your password for the password field and follow the rest of the procedures from the image.
13.	Click Finish and then click OK.

Task 7: Installing the Client VPN package and connecting to the VPN

1.	Navigate to the directory C:\P2S Certificates and install the Client Configuration Package.
2.	Click networks from the Bottom Right corner.
3.	You Will be able to see the VPN Network in the Networks Pane.
4.	Click Connect
5.	Click Connect Again
6.	Click Continue.
7.	Navigate back to the networks pane and confirm that the network connectivity has been established.
8.	To confirm that the connectivity has been established, open command prompt and run the command ipconfig /all. Your output should be similar to this.

THANKS!

Azure Blob Storage: The PowerShell Way!

Hi folks!Great to see you again.This blog post is purely based on Azure Blob Storage: The PowerShell...

Create a Windows Server 2012 R2 VM using ARM in Azure PowerShell

Hi Folks,In this Blog Post we will learn how to create an Azure ARM Virtual Machine using Azure Powe...

Continuous Integration/ Continuous Deployment VSTS

Following the below steps you can build and deploy your ASP.NET app to Azure from either Visua...

How to Sync On-premise AD with Windows Azure AD using Azure AD Connect tool

Azure AD is a service that provides identity and access management capabilities in the cloud. ...

How to Create an Azure Virtual Network by using a Deployment Template

Hello Folks!In this Blog post, we will try to learn how to create an Azure V-Net using an ARM templa...

Locking VMs and Resources Groups with Azure Resource Manager using Azure PowerShell

Hello Folks!In this blog post we will be talking about locking down your Azure Resources with Azure ...

Microsoft Azure: Implementing Internet Facing Load Balancers using Azure Resource Manager

Howdy Folks!I was exploring Network Load Balancer in Azure Resource Manager and found out that you c...

Microsoft Azure Stack : Power of Azure in our datacentre

Why Azure Stack?Microsoft Azure Stack is a new hybrid cloud platform product that enables our organi...

Microsoft Azure : Mobile Services - Xamarian.Android with .Net

NOTE: Microsoft Azure recommends Azure App Service Mobile Apps for all new mobile backend deployment...

Microsoft Azure : The cloud for modern business

Why Azure? Microsoft Azure: Cloud Computing Platform and Services Move faster Save Money ...

Share

Post a Comment

Recent
Popular
Tag

Authoring custom release gates

Srivatsa M S 10/3/2019 2:29:00 PM

Authoring custom release gates
Why customer should choose Azure DevOps

Abhilash Issac 7/2/2019 10:57:00 AM

Azure DevOps is rebranding of Microsoft’s Visual Studio Team Services (VSTS), which is the online version of Team Foundation Server. Here are some of the prime reasons as to why a customer shoul...
Roles in DevOps Mobile App Development

Abhilash Issac 6/11/2019 5:57:00 PM

DevOps, Azure DevOps, VSTS

DevOps can be defined as an approach to enable seamless application delivery from inception to production. This approach improves Software Development by focusing on collaboration between various stak...
What is DevOps and why Enterprises are serious about it?

Srivatsa M S 5/22/2019 5:30:00 PM

Azure, Azure DevOps, DevOps

The term DevOps is becoming increasingly familiar as more and more companies are interested in implementing it. The combination of two words, Development and Operations unified the software developmen...

How to Install TestNG framework (Step by Step installation process)

Sowmya V 9/26/2014 12:58:00 PM

TestNG framework

Steps to Install Eclipse using install new Software:Step 1: In Eclipse, on top menu bar, Under Help Menu, Click on "Install new Software" in help window. Step 2: Enter the URL (http://b...
Token Based Authentication for Web API's

Deviprasad Kotian 8/8/2017 10:55:00 AM

MVC, Web API, ASP.NET, Authentication

Securing ASP.NET Web API using Custom Token Based AuthenticationProviding a security to the Web API’s is important so that we can restrict the users to access to it. We can provide the security ...
Handling Radio buttons and Checkboxes using Selenium Webdriver

Giridhar B S 4/25/2016 11:08:00 AM

Automation, Selenium, Software Testing

The main difference between Radio button and Checkbox is that, using radio button we will be able to select only one option from the options available. whereas using checkbox, we can select multiple o...
Examples of Selenium Webdriver Scripts

Sowmya V 9/26/2014 1:24:00 PM

UnKnown

Examples of Selenium Webdriver ScriptsNow its time to code and execute the selenium webdriver scripts after installation of TestNG framework successfully.Example 1: Create a class as “Example&rd...

Contact Us