Azure VPN (P2S) setup always on

Amit Kumar 6 Reputation points
2020-05-20T08:39:25.573+00:00

Hello Friends,

I have created ADC on Azure and sync with on-premise AD using site to site vpn. and also created point to site vpn so that our Internet facing client machine can join into domain.

This setup was successfully completed.

But that challenge is that every time I need to login with Administrator and manually connect Azure VPN and then switch user and login into domain with normal domain user.

So Is there any configuration so that Azure VPN to be connected before user login and should not depend upon administrator to login manually for VPN connect.

Thanks in Advance

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,473 questions
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. AmanpreetSingh-MSFT 56,306 Reputation points
    2020-05-20T16:28:16.723+00:00

    @Amit Kumar This is not possible by design and this is mentioned in FAQs, please refer to the link below:
    https://learn.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-vpn-faq#if-i-restart-a-client-computer-configured-for-point-to-site-will-the-vpn-automatically-reconnect

    However, if you are using Windows 10 clients, you can check always ON VPN. For more information please refer to

    Applies to: Windows Server (Semi-Annual Channel), Windows Server 2016, Windows Server 2012 R2, Windows 10

    -----------------------------------------------------------------------------------------------------------

    Please do not forget to "Accept the answer" wherever the information provided helps you to help others in the community who are looking for this information.

  2. AmanpreetSingh-MSFT 56,306 Reputation points
    2020-05-21T14:14:50.983+00:00

    @Amit Kumar You don't have to edit the existing VPN profile xml file. You need to create a new one by copying the data of the generic vpnprofile.xml file given in the document to notepad and replace the values using the details from your gateway's vpnprofile. Save the file with .xml extension.

    • Server will be azuregateway-85ee006e-c2d0-4835-980b-2e517f2240d8-313ff86b1297.vpn.azure.com
    • Address will be 10.1.0.0/16
    • Next address will be 172.16.0.0/24

    The created vpnprofile.xml file should look like the attached file 8548-vpnprofile.xml

    -----------------------------------------------------------------------------------------------------------

    Please do not forget to "Accept the answer" wherever the information provided helps you to help others in the community.