Client Options? Azure VPN Gateway w/ OpenVPN (SSL) and Azure Active Directory Authentication

Question

Are there other options for Azure VPN Client using Azure AD Authentication?

Tunnel Type: OpenVPN (SSL)

Authentication Type: Azure Active Directory

I've set up an Azure VPN Gateway using the following - https://learn.microsoft.com/en-us/azure/vpn-gateway/openvpn-azure-ad-tenant

The setup currently works and I'm able to connect to my Azure instance with access to my internal resources. We are currently using the Azure VPN Client that has to be downloaded from the Windows 10 MS store. We are running into an issue where there are some client systems that we do not have control over have their access to the MS Store disabled and cannot download the Azure VPN Client. We have also explored OpenVPN but not sure if this is supported and only is available if we were using certificate-based authentication.

We really want to be able to VPN and use the Azure Active Directory for authentication. In a complete windows environment, this seems doable and documented well but I have not been able to find a more vendor-agnostic VPN client to use in order to configure systems differently. We may have to also test with Mac systems so something that can be used more universally would be optimal.

Please tell me there are other options and Azure VPN Client is not the only way to get Azure Active Directory authentication to work.

Thank you again in advance.

Answer 1

Hello @Monty Veerachaylukana ,

If you are looking for:
Tunnel Type: OpenVPN (SSL)
Authentication Type: Azure Active Directory

Then, Windows 10 operating system is the only available option at this point.
And yes, you can only use Azure VPN Client to obtain and validate an Azure AD token.

If you are looking for:
Tunnel Type: OpenVPN (SSL)
Authentication Type: Radius or Azure Certificate

Then you have Windows, Mac, iOS, Android & Linux OS options available and you can use the OpenVPN client from the OpenVPN website along with the respective native clients.

Reference articles for more information : https://learn.microsoft.com/en-us/azure/vpn-gateway/work-remotely-support#p2s
https://azure.microsoft.com/en-in/updates/aad-support-in-vpn/
https://learn.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-openvpn-clients

Kindly let us know if the above helps or you need further assistance on this issue.

----------------------------------------------------------------------------------------------------------------

Please don’t forget to "Accept the answer" wherever the information provided helps you, this can be beneficial to other community members.

Answer 2

Ack, maybe a partial answer or possibly complete if by the first row/column of this chart is intended to be specific.

https://learn.microsoft.com/en-us/azure/vpn-gateway/work-remotely-support#p2s

Point to Site
Azure AD - Only supported under Windows 10 using OpenVPN [Azure VPN client]

Does that mean no other client can be used since it is saying AzureVPN? Just confusing a bit since just before that it says OpenVPN. I realize that is the tunnel type but that is also a type of client.

Confirmation would still be great but this appears to be pretty spot on.