Is it possible to connect to Azure VPN from Windows 7 using EAPTLS authentication?

%3CLINGO-SUB%20id%3D%22lingo-sub-1469504%22%20slang%3D%22en-US%22%3EIs%20it%20possible%20to%20connect%20to%20Azure%20VPN%20from%20Windows%207%20using%20EAPTLS%20authentication%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1469504%22%20slang%3D%22en-US%22%3E%3CP%3EHello%20everyone%2C%3C%2FP%3E%3CP%3E%3CBR%20%2F%3Emaybe%20here%20someone%20can%20help%20me%20or%20can%20answer%20to%20my%20question.%3C%2FP%3E%3CP%3EUnfortunately%20I%20do%20not%20know%20if%20I'm%20using%20correct%20names%20for%20some%20things%20-%20if%20no%20then%20sorry.%3C%2FP%3E%3CP%3EI%20need%20to%20connect%20to%20some%20SQL%20server%20in%20Azure%20infrastructure%20using%20VPN%20form%20Windows%207%20machine.%20I%20have%20two%20XML%20files%20with%20configuration%3A%3C%2FP%3E%3CP%3Ea)%20one%20is%20for%20Azure%20VPN%20Client%20-%20this%20file%20is%20used%20on%20Windows%2010%20machines%2C%20and%20everything%20works%20correctly%2C%20by%20there%20is%20no%20(or%20I%20cant%20find)%20this%20MS%20Azure%20VPN%20Client%20for%20Windows%207%20(it%20is%20only%20available%20is%20Store%20for%20Win%2010)%3B%3C%2FP%3E%3CP%3Eb)%20second%20is%20with%20generic%20configuration%20for%20other%20clients%3C%2FP%3E%3CP%3EIn%20this%20second%20file%20are%3A%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CPRE%20class%3D%22lia-code-sample%20language-yaml%22%3E%3CCODE%3E1)%20VpnServer%3A%20serve%20url%20-%22azuregateway.%22%20%2B%20%3CSOME%20guid%3D%22%22%3E%20%2B%20%22.vpn.azure.com%22%0A2)%20VpnType%3A%20OpenVPN%0A3)%20CaCert%3A%20%3CBASE64%20string%3D%22%22%3E%0A4)%20Routes%3A%203%20IP%20addresses%20with%20mask%20X.X.X.X%2FY%0A5)%20Auth%3A%20EAPTLS%0A6)%20VnetName%3A%20%3CNAME%3E%0A7)%20VnetId%3A%20%3CGUID%20same%3D%22%22%20like%3D%22%22%20in%3D%22%22%20point%3D%22%22%201%3D%22%22%3E%0A8)%20ServerCertRootCn%3A%20DigiCert%20Global%20Root%20CA%0A9)%20ServerCertIssuerCn%3A%20DigiCert%20Global%20Root%20CA%0A10)%20VpnClientAddressPool%3A%20IP%20addres%20with%20mask%20X.X.X.X%2FY%0A11)%20AadIssuer%3A%20%22https%3A%2F%2Fsts.windows.net%2F%22%20%2B%20%3CANOTHER%20guid%3D%22%22%3E%0A12)%20AadTenant%3A%20%22https%3A%2F%2Flogin.microsoftonline.com%2F%22%20%2B%20%3CGUID%20same%3D%22%22%20like%3D%22%22%20in%3D%22%22%20point%3D%22%22%2011%3D%22%22%3E%0A13)%20AadAudience%3A%20%3CTHIRD%20guid%3D%22%22%3E%0A14)%20CustomDnsServers%3A%202%20IP%20addressed%20X.X.X.X%3C%2FTHIRD%3E%3C%2FGUID%3E%3C%2FANOTHER%3E%3C%2FGUID%3E%3C%2FNAME%3E%3C%2FBASE64%3E%3C%2FSOME%3E%3C%2FCODE%3E%3C%2FPRE%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20have%20also%20login%2Fpassword%20for%20my%20user%20and%20separate%20VpnServerRoot.cer%20file%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E-%20I%20tried%20OpenVPN%20Client%20-%20but%20I%20do%20not%20know%20how%20to%20configure%20it%3C%2FP%3E%3CP%3E-%20I%20tried%20build-in%20Windows%207%20VPN%20client%20-%20but%20I'm%20not%20sure%20if%20this%20is%20possible%20using%20it.%20I%20do%20not%20know%20how%20to%20configure%20this%20EAPTLS%20authentication.%20When%20I%20fill%20VPN%20address%20and%20my%20user%2Fpassword%20and%20click%20%22Connect%22%20I%20get%20message%20that%20there%20is%3A%20%22user%20and%20password%20verification%22%2C%20and%20this%20hangs%20for%20hours.%3C%2FP%3E%3CP%3E-%20I%20tried%20find%20some%20other%20client%20-%20%3CSPAN%20class%3D%22tlid-translation%20translation%22%3E%3CSPAN%20class%3D%22%22%3Ebut%20no%20luck%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ECan%20anyone%20help%20me%20with%20this%3F%3C%2FP%3E%3CP%3EMaybe%20there%20is%20no%20way%20to%20do%20this%20from%20Win7%3F%3C%2FP%3E%3CP%3EMaybe%20I%20need%20something%20more%3F%3C%2FP%3E%3CP%3EMaybe%20it%20is%20very%20simple%20but%20I%20%3CSPAN%20class%3D%22tlid-translation%20translation%22%3E%3CSPAN%20class%3D%22%22%3Ejust%20don't%20know%20how%20to%20do%20it...%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22tlid-translation%20translation%22%3E%3CSPAN%20class%3D%22%22%3EThank%20you%20for%20any%20help.%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22tlid-translation%20translation%22%3E%3CSPAN%20class%3D%22%22%3EBast%20regards%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-1469504%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAzure%20VPN%20Windows7%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1983327%22%20slang%3D%22en-US%22%3ERe%3A%20Is%20it%20possible%20to%20connect%20to%20Azure%20VPN%20from%20Windows%207%20using%20EAPTLS%20authentication%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1983327%22%20slang%3D%22en-US%22%3E%3CP%3Ebump%20for%20this%20questions.%20I%20still%20have%20users%20running%20Win7%3C%2FP%3E%3C%2FLINGO-BODY%3E
Occasional Visitor

Hello everyone,


maybe here someone can help me or can answer to my question.

Unfortunately I do not know if I'm using correct names for some things - if no then sorry.

I need to connect to some SQL server in Azure infrastructure using VPN form Windows 7 machine. I have two XML files with configuration:

a) one is for Azure VPN Client - this file is used on Windows 10 machines, and everything works correctly, by there is no (or I cant find) this MS Azure VPN Client for Windows 7 (it is only available is Store for Win 10);

b) second is with generic configuration for other clients

In this second file are:

 

 

 

1) VpnServer: serve url -"azuregateway." + <some GUID> + ".vpn.azure.com"
2) VpnType: OpenVPN
3) CaCert: <Base64 String>
4) Routes: 3 IP addresses with mask X.X.X.X/Y
5) Auth: EAPTLS
6) VnetName: <Name>
7) VnetId: <GUID same like in point 1>
8) ServerCertRootCn: DigiCert Global Root CA
9) ServerCertIssuerCn: DigiCert Global Root CA
10) VpnClientAddressPool: IP addres with mask X.X.X.X/Y
11) AadIssuer: "https://sts.windows.net/" + <another GUID>
12) AadTenant: "https://login.microsoftonline.com/" + <GUID same like in point 11>
13) AadAudience: <third GUID>
14) CustomDnsServers: 2 IP addressed X.X.X.X

 

 

 

 

I have also login/password for my user and separate VpnServerRoot.cer file

 

- I tried OpenVPN Client - but I do not know how to configure it

- I tried build-in Windows 7 VPN client - but I'm not sure if this is possible using it. I do not know how to configure this EAPTLS authentication. When I fill VPN address and my user/password and click "Connect" I get message that there is: "user and password verification", and this hangs for hours.

- I tried find some other client - but no luck

 

Can anyone help me with this?

Maybe there is no way to do this from Win7?

Maybe I need something more?

Maybe it is very simple but I just don't know how to do it...

 

Thank you for any help.

 

Bast regards

 

1 Reply

bump for this questions. I still have users running Win7