Azure Virtual WAN

Comprehensive documentation for network solutions.

Azure VPN Client for Virtual WAN

This section provides comprehensive guidance on deploying and managing the Azure VPN Client for connecting to your Virtual WAN hubs. The Azure VPN Client offers a seamless and secure way for remote users and branch offices to connect to your Azure virtual network resources.

Prerequisites

  • An existing Azure Virtual WAN hub.
  • User VPN configuration set up within your Virtual WAN hub.
  • Appropriate network security group (NSG) rules allowing VPN traffic.
  • User VPN connection profile downloaded from the Azure portal.

Supported Platforms

The Azure VPN Client is available for the following operating systems:

  • Windows 10/11
  • macOS (latest two versions)
  • Linux (various distributions, refer to specific download instructions)

Downloading the VPN Client

You can download the VPN client configuration profile directly from the Azure portal:

  1. Navigate to your Virtual WAN resource in the Azure portal.
  2. Under the "Virtual WAN" settings, select "User VPN configurations".
  3. Choose the user VPN configuration you want to connect to.
  4. Click the "Download VPN client" button.
  5. Select the appropriate platform (Windows, macOS, Linux) and click download. This will provide a ZIP file containing the client executable and configuration files.

Installation and Configuration

Windows

  1. Extract the contents of the downloaded ZIP file.
  2. Run the VpnClientSetup.exe executable.
  3. Follow the on-screen prompts to install the VPN client.
  4. Once installed, the VPN connection should appear in the Windows network settings.

macOS

  1. Extract the contents of the downloaded ZIP file.
  2. Open the .mobileconfig file to import the VPN profile into your macOS network settings.
  3. Navigate to System Preferences > Network.
  4. You should see a new VPN connection listed.
  5. Enter your VPN credentials when prompted.

Linux

The process for Linux may vary depending on your distribution. Generally, you will use the OpenVPN client:

  1. Install OpenVPN if you haven't already: 
    sudo apt update && sudo apt install openvpn

    (For Debian/Ubuntu-based systems)

    sudo yum install openvpn

    (For Red Hat/CentOS-based systems)

  2. Extract the contents of the downloaded ZIP file.
  3. Navigate to the directory containing the client configuration files (often ending in .ovpn).
  4. Connect using OpenVPN: 
    sudo openvpn --config /path/to/your/vpnconfig.ovpn
  5. Enter your VPN credentials when prompted.
Important: Ensure your downloaded VPN client configuration profile is up-to-date, as changes to your Virtual WAN setup might require a re-download.

Connecting to Virtual WAN

Once installed and configured, initiating a VPN connection is straightforward:

  • Windows: Click the network icon in the system tray, select the VPN connection, and click "Connect".
  • macOS: Go to System Preferences > Network, select the VPN connection, and click "Connect".
  • Linux: Use the command-line interface as shown in the installation steps.

Security Considerations

  • Always use strong, unique passwords for your VPN credentials.
  • Keep your VPN client software updated to the latest version to benefit from security patches.
  • Understand and configure network security groups (NSGs) and Azure Firewall rules to control traffic flow between your connected networks.
Tip: For multi-factor authentication (MFA) integration, ensure your Azure AD setup is configured correctly with the Virtual WAN user VPN.

Troubleshooting Common Issues

If you encounter connection problems, consider the following:

  • Verify your VPN credentials.
  • Check network connectivity to the VPN gateway.
  • Ensure NSG rules permit VPN traffic (UDP port 500 and 4500 for IKEv2, TCP 443 for SSTP if enabled).
  • Review the Azure VPN client logs for error messages.