There isn't a supported solution to achieve this. Unfortunately, you would have to enter that maintenance window to bring each client back online with the new auth method.
Trying to integrate MFA using AD into an existing P2S VPN with little downtime
Currently using a certificate-based VPN gateway as the means for users to connect to our Azure cloud-based servers. I want to step up security for this environment. I would like to implement AD + MFA for users with minimal impact on users. We have O365 and users are utilizing MFA via Office today without issues.
I know I could edit the certificate-based VPN client install to AD; however, this would impact all users until I could get around to getting them back online.
I know there is a limitation of 1 VPN gateway per Virtual Network. It would be ideal to me to have a second VPN gateway and bring in users one at a time until they have all been migrated over, then remove the existing VPN solution to reduce costs.
How can I accomplish this goal? Any ideas?
Azure VPN Gateway
Azure Virtual Network
1 additional answer
tpulley 20 Reputation points
2023-07-10T12:22:09.3666667+00:00
Thank you, Joe, for the answer. I was hoping for a better outcome. But it is what it is...