Tuesday, April 25, 2017

Azure: Deployment script for setting up Point-to-Site VPN using OpenVPN for non-PowerShell users

You're reading this because you need to configure a point-to-site VPN using a Ubuntu VM on Azure, but your OS does not provide PowerShell. (PowerShell is native to Microsoft, so if you're working on Mac OSX or Linux or another type of non-Windows machine, you won't have this at your disposal.) 

If an SSL VPN fits your needs, create a device on your Azure VNet that runs Ubuntu: you'll need to set up OpenVPN on this machine. The easiest and fastest way to do this is by running a script found here. This link will take you to a window in your browser which appears [similar to] this: 

Make sure you're logged on to your Azure portal and click the "Deploy to Azure" button, as seen above. This will bring you to a template form in the portal, that looks like this: 

Filling it out and clicking "Purchase" will launch the resources necessary for your OpenVPN setup. These resources include the Ubuntu VM device that will behave as your OpenVPN server.  

Note: All resources are assigned default names, so if you launch this script more than once (within the same resource group), you'll run into errors due to inherent naming conflicts. In this case, make sure to change the resource names using the "Edit" button, as seen above. 

This deployment script was not internally created by Microsoft: it was written by one of Microsoft's clients, which is why its existence is not very well known. Even though the complications of setting up a point-to-site VPN on Azure without access to PowerShell is a pain point that has been brought to Microsoft's attention by many non-Windows users, no features or statements have been released to resolve or address it, making this script a very important resource. Raw instructions of setting up OpenVPN using a Ubuntu VM on Azure can be found in the wild, but using this script significantly reduces the number of steps in configuring and troubleshooting this process, allowing you to quickly move on to setting up the rest of your cloud infrastructure.   
After the deployment is complete, go to the VM that was just created, find its public IP, insert it into and go to this URL: https://<PublicIP>:943/adminFrom here, standard procedures for setting up OpenVPN will resume. These procedures can be found here, starting at Step #9. (All steps before #9 have been circumvented by the deployment script discussed above.) Complete server-side setup by running through steps #9 and #10, and then complete Client Configuration (for each machine that will be using this connection) before connecting to machines inside your VNet via your new point-to-site VPN.  

No comments :

Post a Comment