14: How to create an Azure Point to Site (P2S) VPN connection using PolicyPak VPN Manager

Prerequisites:

• Your Azure P2S Root certificate (in 'Certificates - Current User\Trusted Root Certificate Authorities \Certificates')
• Your Azure P2S Child certificate (in 'Certificates - Current User\Personal\Certificates')
  For more info see: https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-certificates-point-to-site
   
• Export of EAP connection info from a working Azure P2S VPN connection, recommend using this PowerShell script to export this info: https://github.com/richardhicks/aovpn/blob/master/Get-EapConfiguration.ps1
  For more info see: https://kb.policypak.com/kb/article/1050-policypak-vpn-manager-create-always-on-vpn-connections-in-an-instant
   

Step 1: Import the Azure P2S PFX certificate (that contains the P2S Child, and P2S Root certificates, and Private key) either manually or by using PPScripts.

PPScripts Example:

Note: Only needed if P2S certificates are not already present on endpoint.

Step 2: Create P2S Azure VPN connection using PolicyPak VPN Manager

1. Create a new PolicyPak VPN Manager Policy under either computer configuration or user configuration side.
2. Use something descriptive for the “Connection name”, choose Automatic for the “Connection type”, and fill out the remaining necessary info required (IP address, default server checkbox, etc.) then click “Next”.

3. At the “VPN connection Settings” screen select “Certificates” from the “Authentication method” dropdown list, then import the EAP information you exported earlier from a working Azure P2S VPN connection, then click “Next”.
   
   TIP: Optionally, check the option to “Remember credentials on each logon”.

4. At the “DNS Settings (Optional)” screen you can fill out the information or click “Next” to skip this screen.
5. At the “Proxy Settings (Optional)” screen you can fill out the information or click “Next” to skip this screen.
6. At the “Split Tunneling (Optional) screen you can fill out the information or click “Next” to skip this screen.
7. At the “Trusted Network Detection (Optional)” screen you can fill out the information or click “Next” to skip this screen.
8. At the final “Policy Settings” screen provide a descriptive name for the policy and then click “Finish”.

9. Lastly, apply and test the policy, if successful you will see a new VPN connection created that matches the connection name you specified in #2 above. Connect using your new Azure P2S VPN connection to ensure the connection is successful.