Error when trying to consent Azure VPN application

Maciej Pakulski 46 Reputation points
2022-12-20T10:58:43.933+00:00

Hi,

I am trying to set up a P2S VPN using Azure Active Directory authentication. I am following the steps described here https://learn.microsoft.com/en-us/azure/vpn-gateway/openvpn-azure-ad-tenant. In the section Authorize the application, it's mentioned that we need to grant admin consent, so that the Azure VPN application can sign in and read user profiles. I am logged in as GlobalAdmin, but when I paste the required URL (https://login.microsoftonline.com/common/oauth2/authorize?client_id=41b23e61-6c1e-4545-b367-cd054e0ed4b4&response_type=code&redirect_uri=https://portal.azure.com&nonce=1234&prompt=admin_consent) I am redirected to the portal with the URL:

https://portal.azure.com/?error=access_denied&error_description=AADSTS650054:+The+application+'api://41b23e61-6c1e-4545-b367-cd054e0ed4b4/api'+asked+for+permissions+to+access+a+resource+that+has+been+removed+or+is+no+longer+available.+Contact+the+app+vendor.

What am I doing incorrectly?

Azure VPN Gateway
Microsoft Security | Microsoft Entra | Microsoft Entra ID

Accepted answer
  1. GitaraniSharma-MSFT 50,096 Reputation points Microsoft Employee Moderator
    2022-12-23T10:53:15.217+00:00

    Hello @Anonymous,

    I understand that you are trying to set up a P2S VPN using Azure Active Directory authentication, following the steps described in our public doc tutorial, but when trying to grant admin consent to the Azure VPN application using a GlobalAdmin account, the public URL redirects to "https://portal.azure.com/?error=access_denied&error_description=AADSTS650054:+The+application+'api://41b23e61-6c1e-4545-b367-cd054e0ed4b4/api'+asked+for+permissions+to+access+a+resource+that+has+been+removed+or+is+no+longer+available.+Contact+the+app+vendor" and doesn't give the prompt to accept the requested permissions.

    I worked with the Azure VPN and Azure AD Product Group teams and found the below:

    Root Cause:
    Admin Consent was failing for new customers as Azure VPN was trying to get access to Azure AD Graph and this is deprecated.
    Refer: https://learn.microsoft.com/en-us/graph/migrate-azure-ad-graph-configure-permissions?tabs=http%2Cupdatepermissions-azureadgraph-powershell
    This impacted only new Tenants who want to onboard to VPN and not existing customers. Some code was updated in the backend which broke the admin consent flow. The app access has been changed to Microsoft Graph now and the newly added code was removed from the Azure VPN client app from the backend which has fixed the issue.

    Solution:
    Now if you follow the documentation/guide Configure Azure AD tenant and settings for P2S VPN connections: Azure AD authentication: OpenVPN - Azure VPN Gateway | Microsoft Learn, the public URL at Step 2 should work without any issues.

    I would request you to clear your browser cache and give it a re-try. If you face any issues, please update the thread accordingly.

    Kindly let us know if the above helps or you need further assistance on this issue.

    ----------------------------------------------------------------------------------------------------------------

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
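
When a consent attempt fails like the one in this thread, the error parameters in the redirect can be decoded and logged instead of read by eye from the address bar. The Python sketch below is an added example, not part of the original question or answer; the function name `parse_consent_redirect` and its output fields are assumptions made for illustration, and the sample URL is the redirect quoted in the question.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Redirect quoted in the question above (portal URL after the failed admin consent).
SAMPLE_REDIRECT = (
    "https://portal.azure.com/?error=access_denied&error_description="
    "AADSTS650054:+The+application+'api://41b23e61-6c1e-4545-b367-cd054e0ed4b4/api'"
    "+asked+for+permissions+to+access+a+resource+that+has+been+removed+or+is+no"
    "+longer+available.+Contact+the+app+vendor."
)

AADSTS_RE = re.compile(r"\bAADSTS(\d+)\b")        # sign-in error code in the description
APP_RE = re.compile(r"application\s+'([^']+)'")   # quoted application identifier, if present


def parse_consent_redirect(url):
    """Summarise the outcome carried in an authorization redirect URL."""
    parts = urlsplit(url)
    # Parameters arrive in the query string or, for some response modes, the fragment.
    params = parse_qs(parts.query, keep_blank_values=True)
    for key, values in parse_qs(parts.fragment, keep_blank_values=True).items():
        params.setdefault(key, values)

    error = params.get("error", [None])[0]
    # parse_qs has already decoded '+' and %xx sequences in the description.
    description = params.get("error_description", [""])[0]
    code = AADSTS_RE.search(description)
    app = APP_RE.search(description)
    return {
        # Success means no error parameter and an authorization code was returned.
        "ok": error is None and "code" in params,
        "error": error,
        "aadsts_code": "AADSTS" + code.group(1) if code else None,
        "application": app.group(1) if app else None,
        "message": description[code.end():].lstrip(": ").strip() if code else description,
    }


if __name__ == "__main__":
    for field, value in parse_consent_redirect(SAMPLE_REDIRECT).items():
        print(f"{field}: {value}")
```
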

