1. Create a Resource Group in Azure.
2. Search for Virtual WAN in the Azure portal.
3. Click on virtual vWAN.
4. Click on create new vWAN with the following details:
Subscription-
Resource group name-
Name- testvWAN
Type- Standard
5. Once the vWAN is created, go to testvWAN and click on Hubs.
Region- south-central-us
Name- aws-mum-hub
Hub private address space- 192.168.10.0/24
a. Create a self-signed root certificate. In PowerShell, run this:
$cert = New-SelfSignedCertificate -Type Custom -KeySpec Signature `
    -Subject "CN=P2SRootCert" -KeyExportPolicy Exportable `
    -HashAlgorithm sha256 -KeyLength 2048 `
    -CertStoreLocation "Cert:\CurrentUser\My" `
    -KeyUsageProperty Sign -KeyUsage CertSign
b. Still in the same PowerShell console, generate a client certificate:
New-SelfSignedCertificate -Type Custom -DnsName P2SChildCert `
    -KeySpec Signature -Subject "CN=P2SChildCert" `
    -KeyExportPolicy Exportable -HashAlgorithm sha256 -KeyLength 2048 `
    -CertStoreLocation "Cert:\CurrentUser\My" -Signer $cert `
    -TextExtension @("2.5.29.37={text}1.3.6.1.5.5.7.3.2")
8. Steps 2 and 3 will create the following Thumbprint and Subject, as shown here:
9. In the Windows GUI, run certmgr.msc and you should see the following 2 Certificate contents:
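The same check can be made from the PowerShell console instead of certmgr.msc. The script below is an added example, not part of the original walkthrough; it assumes the two subjects and the CurrentUser\My store used above, and `Get-NewestCert` is a helper defined here for illustration.

```powershell
using namespace System.Security.Cryptography.X509Certificates
# Added example: verify the root and client certificates created in steps a and b.
# Assumption: subjects CN=P2SRootCert / CN=P2SChildCert in Cert:\CurrentUser\My.

# Hypothetical helper: newest certificate with an exact subject match.
function Get-NewestCert([string]$Subject) {
    Get-ChildItem Cert:\CurrentUser\My |
        Where-Object { $_.Subject -eq $Subject } |
        Sort-Object NotBefore -Descending |
        Select-Object -First 1
}

$root  = Get-NewestCert 'CN=P2SRootCert'
$child = Get-NewestCert 'CN=P2SChildCert'
if (-not $root -or -not $child) {
    throw 'P2SRootCert or P2SChildCert not found in Cert:\CurrentUser\My'
}

# Build the chain offline. A self-signed root is not in the Trusted Root store,
# so an unknown CA is tolerated. That flag also tolerates a partial chain, so
# the top of the chain is compared with the root's thumbprint explicitly.
$chain = New-Object X509Chain
$chain.ChainPolicy.RevocationMode    = 'NoCheck'
$chain.ChainPolicy.VerificationFlags = 'AllowUnknownCertificateAuthority'
[void]$chain.ChainPolicy.ExtraStore.Add($root)
$built  = $chain.Build($child)
$anchor = $chain.ChainElements[$chain.ChainElements.Count - 1].Certificate

# Key Usage on the root (-KeyUsage CertSign) and EKU on the client
# (2.5.29.37 with 1.3.6.1.5.5.7.3.2 = Client Authentication).
$ku  = $root.Extensions  | Where-Object { $_ -is [X509KeyUsageExtension] }
$eku = $child.Extensions | Where-Object { $_ -is [X509EnhancedKeyUsageExtension] }

[pscustomobject]@{
    RootThumbprint     = $root.Thumbprint
    ChildThumbprint    = $child.Thumbprint
    ChainsToRoot       = $built -and ($anchor.Thumbprint -eq $root.Thumbprint)
    RootCanSignCerts   = [bool]($ku.KeyUsages -band [X509KeyUsageFlags]::KeyCertSign)
    ChildHasClientAuth = $eku.EnhancedKeyUsages.Value -contains '1.3.6.1.5.5.7.3.2'
    # 1.2.840.113549.1.1.11 is sha256WithRSAEncryption (-HashAlgorithm sha256).
    ChildSha256Rsa     = $child.SignatureAlgorithm.Value -eq '1.2.840.113549.1.1.11'
    ChildHasPrivateKey = $child.HasPrivateKey
} | Format-List
```

Every boolean field should read True; a False on ChainsToRoot usually means the client certificate was signed by a different P2SRootCert than the newest one in the store.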