Share via

Is this what it meant by retiring manually registered P2S Azure VPN client?

Tan-9136 285 Reputation points
2025-08-19T19:04:05.3533333+00:00

Hi everyone,

From this link below, I read that Manually Registered Azure VPN Client for P2S will be retired on 3/31/28:
https://azure.microsoft.com/en-us/updates?filters=%5B%22VPN+Gateway%22%5D&searchterms=manually+registered+azure+vpn

My understanding is the difference between Microsoft-registered and Manually-registered VPN Client for P2S is just the audience value.
Microsoft-registered is using c632b3df-fb67-4d84-bdcf-b95ad541b5c8 for Azure Public.
Manually-registered is using 41b23e61-6c1e-4545-b367-cd054e0ed4b4 for Azure Public.

Is my understanding correct that this is the only difference?

I have a follow up question after this being answered.

Thank you

Azure Virtual Network
Azure Virtual Network

An Azure networking service that is used to provision private networks and optionally to connect to on-premises datacenters.

0 comments

Answer accepted by question author

Thanmayi Godithi 10,490 Reputation points Microsoft External Staff Moderator
2025-08-20T00:08:14.1966667+00:00

Hi @Tan-9136,

Thank you for reaching out on Microsoft Q&A forum.

I understand your concern about the retirement of manually registered Azure VPN Clients for Point-to-Site (P2S). You’re right that the audience value is the key technical difference between manually registered and Microsoft-registered clients. To give you the full picture, here’s how they compare:

Key Differences

  1. Audience Value
    • Microsoft-registered: Uses a pre-approved App ID and audience value (c632b3df-fb67-4d84-bdcf-b95ad541b5c8) that’s automatically available in your Microsoft Entra tenant.
    • Manually-registered: Requires you to manually register the Azure VPN Client app and use a different audience value (41b23e61-6c1e-4545-b367-cd054e0ed4b4).
  2. Setup Complexity
    • Microsoft-registered: No extra app registration or admin consent needed—setup is quicker and simpler.
    • Manually-registered: Requires the Cloud Application Administrator role, manual registration, and explicit admin consent.
  3. Platform Support
    • Microsoft-registered: Works on Windows, macOS, and Linux.
    • Manually-registered: Works on Windows and macOS; Linux requires custom audience values.
  4. Security & Maintenance
    • Microsoft-registered: Benefits from automatic updates and tighter integration with Microsoft Entra ID.
    • Manually-registered: Needs ongoing maintenance and will be retired after March 31, 2028.

Recommended Next Steps:

If you’re still using manually registered VPN clients, Microsoft recommends migrating to the Microsoft-registered model. Doing this will make your setup easier to manage, keep it secure, and ensure you’re fully supported after the retirement date. You can follow this guide to migrate:

We recommend completing this migration well before March 2028 to ensure a smooth transition without any connectivity issues.

Kindly let us know if the above helps or if you have any follow up questions.

Was this answer helpful?

1 person found this answer helpful.

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.