Reputation: 652
I have configured my Azure VPN Client but when I connect my public ip address does not change
My Azure VPN Client shows that I am connected to my virtual network. I used AAD to configure authentication. However, when I turn the VPN on my public ip address remains the same. I have a virtual network and a gateway configured for that network. I downloaded the client profile and imported in the Azure VPN Client.
Our goal is to have multiple clients connect to our network through the gateway (which is configured) and then have one outbound IP address (so that clients can whitelist one single ip that does not change when we switch locations).
Upvotes: 1
Views: 2930
Answers (1)
Reputation: 5550
If you want to get a dedicated Public IP for P2S VPN, then you have to do forced tunneling and secure traffic via Firewall Manager.
Try to configure forced tunnelling in your Azure virtual network on your VPN gateway forced tunnelling is shown for Site-to-Site VPN scenario however the same method may be used for Point-to-Site VPN scenarios also.
To enable forced tunnelling use this below command:
$gw = Get-AzVirtualNetworkGateway -Name gatewayName -ResourceGroupName RGName
Set-AzVirtualNetworkGateway -VirtualNetworkGateway $gw -CustomRoute 0.0.0.0/1 , 128.0.0.0/1
In general, Azure P2S VPN does not enable forced tunnelling unless you utilize Azure Firewall Manager. The 0.0.0.0/0 route can be advertised to your VPN clients if you protect internet traffic through Firewall Manager. This forces all internet-bound traffic from your clients to be sent to Azure for analysis. Then, firewall SNATs the packet to the PIP of Azure Firewall for egress to Internet.
You need to use Secured Hub from V-wan with Azure Firewall Manager and configure forced tunneling refer this MsDoc
This will make sure that all the P2S VPN client traffic is forced back to the Firewall and then the Firewall will SNAT the packets to the Public IP of the Firewall and send it to Internet. This way, you can get a single Public IP for all VPN client.
Reference:
Configure forced tunneling for Virtual WAN Point-to-site VPN - Azure Virtual WAN | Microsoft Learn
Upvotes: 2
Related Questions
- Not able to delete Public IP address in azure
- Azure VPN Client "Status = VPN Platform did not trigger connection"
- Azure Virtual Network Gateway - Dynamic Public IP Address Changes
- Azure Static IP for VPN?
- Failed to save IP address changes for network interface
- Azure VPN connection and public IP
- Accidentally changed public IP address in Azure
- Changing the IP address of Azure Virtual Network cloud service
- VPN connection from enterprise to windows azure
- Azure - Active Directory in Virtual Network