P2S (Point to site) connection on Azure Virtual WAN Part 1

 1.Create a Resource Group in Azure.

2.Search virtual wan in the Azure portal.

3.Click on virtual vWAN.

4.Click on create new vWAN with the following details.

Subscription-

Resource group name-

Name- testvWAN

Type- Standard

5.Once vWAN is created go to testvWAN and click on Hubs.

 6.Click on new HUB. Then fill in the below details.

Region- south-central-us

Name- aws-mum-hub

Hub private address space- 192.168.10.0/24

7.Generate User VPN certificate to be used for P2S (Point to the site).

 On your PC, as an administrator, Press Windows+R to open the Run dialog box, and then type “PowerShell” (and enter) in the text box:

a.       Create a self-signed root certificate. On PowerShell run this:

$cert = New-SelfSignedCertificate -Type Custom -KeySpec Signature -Subject “CN=P2SRootCert” -KeyExportPolicy Exportable -HashAlgorithm sha256 -KeyLength 2048 -CertStoreLocation “Cert:\CurrentUser\My” -KeyUsageProperty Sign -KeyUsage CertSign

 

b.    Still on same PowerShell console, generate a client certificate:

New-SelfSignedCertificate -Type Custom -DnsName P2SChildCert -KeySpec Signature -Subject “CN=P2SChildCert” -KeyExportPolicy Exportable -HashAlgorithm sha256 -KeyLength 2048 -CertStoreLocation “Cert:\CurrentUser\My” -Signer $cert -TextExtension @(“2.5.29.37={text}1.3.6.1.5.5.7.3.2”)

8. Step 2 and 3 will create the following Thumbprint and Subject as shown here:

9. On your Windows GUI, run certmgr.msc and you should see the following 2 Certificate contents: