VPN installation didn't work with standard User

Ayman Alalwani 1 Reputation point
2022-11-05T16:42:29.307+00:00

Hi there,
I'm creating a Site-To-Site VPN conection to Azure VPN Gateway, following the official Microsoft documentation on https://learn.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-point-to-site-resource-manager-portal. I've generated certificates and downloaded the Azure VPN Client from portal.
However, when I try to install the generated VpnClientSetupAmd64.exe file on the target machine, a new VPN connection profile is not being created. After I double-click the executable, I'm asked an admin password, then the client seems to be installing but new connection isn't added to my network connections list.
I've tried executing the setup package with "Run as Administrator" and cleaning up old connections in my \AppData\Roaming\Microsoft\Network\Connections directory, but still same issue
note : i have faced this recently only,
before, i was able to install the vpn with standard user and its running without any issue

Azure VPN Gateway
Azure VPN Gateway
An Azure service that enables the connection of on-premises networks to Azure through site-to-site virtual private networks.
1,425 questions
Windows 11
Windows 11
A Microsoft operating system designed for productivity, creativity, and ease of use.
8,667 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. GitaraniSharma-MSFT 48,531 Reputation points Microsoft Employee
    2022-11-07T06:32:40.133+00:00

    Hello @Ayman Alalwani ,

    Welcome to Microsoft Q&A Platform. Thank you for reaching out & hope you are doing well.

    I understand that you are unable to install the Azure P2S VPN client from Azure portal on your local machine with Standard user account and it is asking for admin rights.

    For Windows clients, you must have administrator rights on the client device in order to initiate the VPN connection from the client device to Azure.
    Please refer: https://learn.microsoft.com/en-us/azure/vpn-gateway/point-to-site-about#what-are-the-client-configuration-requirements

    Azure P2S VPN without local admin rights on Windows client is not supported at the moment as this is a constraint on the Windows platform. It’s not possible to change from Azure P2S VPNs.
    Please refer : https://feedback.azure.com/d365community/idea/3ae61fae-8426-ec11-b6e6-000d3a4f0789

    This is a limitation with the native P2S VPN client downloaded from Azure portal but Azure has a standalone VPN client available that can be installed/connected without admin rights.

    You do not need admin rights to install/connect if you use the Azure VPN Client from App Center/Microsoft store.
    Refer : https://learn.microsoft.com/en-us/azure/vpn-gateway/openvpn-azure-ad-client#download
    App Center link: https://install.appcenter.ms/users/user-microsoft/apps/azure-vpn-client-1/distribution_groups/publicgroup/releases/9
    MS store link: https://apps.microsoft.com/store/detail/azure-vpn-client/9NP355QT2SQB?hl=en-in&gl=in
    Note : This Azure VPN client supports only OpenVPN protocol (Azure AD, Azure Certificate-based and RADIUS authentication)

    So, if you are using OpenVPN protocol with Azure Certificate/Azure AD/Radius based authentication, then you can use the above Azure VPN client to connect to Azure via P2S VPN without admin rights.
    To enable OpenVPN, please refer:
    https://learn.microsoft.com/en-us/azure/vpn-gateway/ikev2-openvpn-from-sstp#option-2---remove-sstp-and-enable-openvpn-on-the-gateway

    Kindly let us know if the above helps or you need further assistance on this issue.

    ----------------------------------------------------------------------------------------------------------------

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    1 person found this answer helpful.