title | description | titleSuffix | author | ms.service | ms.topic | ms.date | ms.author |
---|---|---|---|---|---|---|---|
Microsoft Entra tenant for User VPN connections: Microsoft Entra authentication -OpenVPN |
You can use Azure Virtual WAN User VPN (point-to-site) to connect to your VNet using Microsoft Entra authentication |
Azure Virtual WAN |
cherylmc |
virtual-wan |
how-to |
11/21/2023 |
cherylmc |
When you connect to your VNet using Virtual WAN User VPN (point-to-site), you have a choice of which protocol to use. The protocol you use determines the authentication options that are available to you. If you're using the OpenVPN protocol, Microsoft Entra authentication is one of the authentication options available for you to use. This article helps you configure a Microsoft Entra tenant for Virtual WAN User VPN (point-to-site) using OpenVPN authentication.
[!INCLUDE OpenVPN note]
Verify that you have a Microsoft Entra tenant. If you don't have a Microsoft Entra tenant, you can create one using the steps in the Create a new tenant article:
- Organization name
- Initial domain name
-
Create two accounts in the newly created Microsoft Entra tenant. For steps, see Add or delete a new user.
- Global administrator account
- User account
The global administrator account will be used to grant consent to the Azure VPN app registration. The user account can be used to test OpenVPN authentication.
-
Assign one of the accounts the Global administrator role. For steps, see Assign administrator and non-administrator roles to users with Microsoft Entra ID.
[!INCLUDE Steps to enable the tenant]
In order to connect to your virtual networks using Microsoft Entra authentication, you must create a User VPN configuration and associate it to a Virtual Hub. See Configure Microsoft Entra authentication for point-to-site connection to Azure.