Azure P2S VPN

Copper Contributor

I would like to know if there is an alternative to a forced tunnel VPN through Virtual WAN in Azure. We have an external company that needs to access one of our Azure Virtual Desktops. We use the Azure Remote Desktop app that uses 365 credentials to log in so that we can apply conditional access to it. They work remotely and no longer have a central office. The issue is that they do not have a static IP address so we cannot create a conditional access policy for them, and on top of that they are in a foreign country. We do not want to give them access to our Meraki VPN, we just want to give them an isolated public IP. I was able to successfully create a Virtual WAN solution and a hub with a firewall deployed securing internet traffic so that it acts as a forced tunnel and it is only allowing access to the AVD services to prevent a mass amount of data from going through it. The problem is this seems way overkill and I am worried about the cost. I just want to test the waters and see if there is any other way to make this work.

2 Replies

Yes, there are alternatives to a forced tunnel VPN through Virtual WAN in Azure for your scenario.
One option is to use Azure Point-to-Site (P2S) VPN. With Azure P2S VPN, you can create a secure connection between the external company's computer and the Azure Virtual Desktop, without the need for a static IP address. Azure P2S VPN allows remote users to securely connect to an Azure virtual network from any location using an Internet connection. It provides secure access to resources on the virtual network, such as Azure Virtual Desktop.

To set up Azure P2S VPN, you need to create a virtual network gateway, configure the VPN client, and establish the connection. The VPN client can be installed on the external company's computer. Once the connection is established, the external company can access the Azure Virtual Desktop securely.
Another option is to use Azure Bastion. Azure Bastion is a fully managed platform as a service (PaaS) that provides secure and seamless RDP/SSH connectivity to Azure Virtual Machines (VMs) directly through the Azure Portal. Azure Bastion eliminates the need for a VPN or public IP address. It provides an isolated and secure connection to the Azure Virtual Desktop.
To set up Azure Bastion, you need to create a Bastion host and configure the RDP settings on the Azure Virtual Desktop. Once the Azure Bastion connection is established, the external company can securely access the Azure Virtual Desktop through the Azure Portal.
Both Azure P2S VPN and Azure Bastion provide secure and isolated access to the Azure Virtual Desktop without the need for a VPN or public IP address. You can choose the option that best suits your requirements and budget.

I hope this helps!
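The P2S steps in the reply above (create the virtual network gateway, generate the client configuration, restrict what the VPN clients can reach) as an added PowerShell example. This is not code from the thread or from Microsoft; it is an illustration written for this page. It assumes the Az PowerShell module and an existing `Connect-AzAccount` session, an existing resource group and VNet that already contains a `GatewaySubnet`, and it chooses Microsoft Entra ID authentication for the VPN so that the same conditional access policies the original poster applies to the Remote Desktop app can be evaluated on the VPN sign-in rather than on a source IP. Every resource name, address range, tenant ID and the Azure VPN Client application ID below is a placeholder to replace; parameter names are those of the Az module as documented for Entra-authenticated P2S and should be checked with `Get-Help New-AzVirtualNetworkGateway` against the module version in use.

```powershell
# Added example (not from the original thread): provision an Azure P2S VPN gateway
# with Microsoft Entra ID authentication and scope the VPN client address pool to the
# AVD session-host subnet. Assumes the Az module is installed and Connect-AzAccount
# has been run. All names, ranges and IDs below are placeholders.

$rg          = "rg-avd-placeholder"          # existing resource group (assumed)
$location    = "westeurope"                  # assumed region
$vnetName    = "vnet-avd-placeholder"        # existing VNet with a 'GatewaySubnet' (assumed)
$gwName      = "vpngw-p2s-placeholder"
$pipName     = "pip-vpngw-placeholder"
$clientPool  = "172.16.201.0/24"             # constructed P2S client address pool
$avdSubnetNm = "snet-avd-hosts"              # assumed AVD session-host subnet name
$avdSubnet   = "10.10.2.0/24"                # constructed AVD session-host subnet range
$tenantId    = "<your-tenant-guid>"          # placeholder
$vpnAudience = "<azure-vpn-client-app-id>"   # placeholder: app ID of the Azure VPN Client enterprise app

# 1. Static Standard-SKU public IP for the gateway.
$pip = New-AzPublicIpAddress -ResourceGroupName $rg -Name $pipName -Location $location `
    -AllocationMethod Static -Sku Standard

# 2. Gateway IP configuration bound to the VNet's GatewaySubnet.
$vnet   = Get-AzVirtualNetwork -ResourceGroupName $rg -Name $vnetName
$gwSub  = Get-AzVirtualNetworkSubnetConfig -Name "GatewaySubnet" -VirtualNetwork $vnet
$ipConf = New-AzVirtualNetworkGatewayIpConfig -Name "gwipconfig" `
    -SubnetId $gwSub.Id -PublicIpAddressId $pip.Id

# 3. Route-based VPN gateway using OpenVPN with Entra ID authentication. Users sign in
#    with their work identity, so conditional access is enforced on the VPN sign-in
#    itself instead of on a static source IP the external company does not have.
#    Gateway creation typically takes 30-45 minutes.
New-AzVirtualNetworkGateway -ResourceGroupName $rg -Name $gwName -Location $location `
    -IpConfigurations $ipConf -GatewayType Vpn -VpnType RouteBased -GatewaySku VpnGw1 `
    -VpnClientProtocol OpenVPN -VpnClientAddressPool $clientPool `
    -VpnAuthenticationType AAD `
    -AadTenantUri "https://login.microsoftonline.com/$tenantId" `
    -AadAudienceId $vpnAudience `
    -AadIssuerUri "https://sts.windows.net/$tenantId/"

# 4. Least privilege for the VPN pool: an NSG on the AVD session-host subnet that
#    admits only the P2S client range and denies any other inbound VNet-sourced traffic.
#    Other subnets in the VNet should carry their own deny rule for $clientPool so the
#    external users can reach AVD hosts and nothing else.
$allowVpnToAvd = New-AzNetworkSecurityRuleConfig -Name "allow-p2s-to-avd" -Priority 100 `
    -Direction Inbound -Access Allow -Protocol Tcp `
    -SourceAddressPrefix $clientPool -SourcePortRange "*" `
    -DestinationAddressPrefix $avdSubnet -DestinationPortRange "*"
$denyOther = New-AzNetworkSecurityRuleConfig -Name "deny-other-inbound" -Priority 4000 `
    -Direction Inbound -Access Deny -Protocol "*" `
    -SourceAddressPrefix "VirtualNetwork" -SourcePortRange "*" `
    -DestinationAddressPrefix $avdSubnet -DestinationPortRange "*"
$nsg = New-AzNetworkSecurityGroup -ResourceGroupName $rg -Name "nsg-avd-hosts" `
    -Location $location -SecurityRules $allowVpnToAvd, $denyOther
Set-AzVirtualNetworkSubnetConfig -VirtualNetwork $vnet -Name $avdSubnetNm `
    -AddressPrefix $avdSubnet -NetworkSecurityGroup $nsg | Out-Null
$vnet | Set-AzVirtualNetwork | Out-Null

# 5. Generate the VPN client profile package; the SAS URL points at a zip that is
#    imported into the Azure VPN Client on the external company's machines.
$clientCfg = New-AzVpnClientConfiguration -ResourceGroupName $rg -Name $gwName `
    -AuthenticationMethod "EapTls"
$clientCfg.VPNProfileSASUrl
```

Two things worth checking after deployment: that the Azure VPN Client enterprise application has been granted admin consent in the tenant before users attempt to connect, and that a conditional access policy actually targets that application (for example requiring MFA and a compliant device), since the gateway itself only verifies the token it is handed.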