Is it possible to restrict VPN connection to specific Computers?

James 21 Reputation points
2021-06-16T21:55:44.367+00:00

We would like to set up a VPN Gateway and allow access via certificates. Following these instructions: https://learn.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-point-to-site-resource-manager-portal

Is it possible to restrict access to specific computers? Meaning we only want authorized corporate devices, even if the user themselves should have access. We don't want users to use non-corporate devices to connect. Can we set this on the VPN Gateway?

Could we set the device certificate so that it isn't exportable?

Maybe there is a VPN client that we could lock down to prevent cloning the access to another computer?

Azure VPN Gateway

Accepted answer
  1. SaiKishor-MSFT 17,231 Reputation points
    2021-06-17T20:49:50.09+00:00

    @James

    If the device has a valid certificate, it will be able to connect - so the only way to achieve this would be to ensure that only "authorized" devices have the certificate. Regarding restricting exporting of the device certificate, this may be something that you can achieve. Here is some information I found while looking this up:

    https://social.technet.microsoft.com/Forums/en-US/bfb92eb3-f8db-4938-a6b7-39637da9e08d/disable-exporting-of-certificates?forum=winserversecurity

    Hope this helps. Please let us know if you have any further questions and we will be glad to assist you further. Thank you!


0 additional answers
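
A check that follows from the accepted answer, added here as an example and not part of the original thread: this PowerShell lists the certificates on a device that carry the Client Authentication EKU and reports whether each private key is marked exportable. It assumes the point-to-site client certificate is in the CurrentUser or LocalMachine `My` store and uses an RSA key; the function name `Get-PrivateKeyExportability` is hypothetical.

```powershell
# Added example (not from the thread): audit client-authentication certificates
# on this machine and report whether their private keys can be exported.
$ClientAuthOid = '1.3.6.1.5.5.7.3.2'   # Client Authentication EKU

function Get-PrivateKeyExportability {
    param(
        [Parameter(Mandatory)]
        [System.Security.Cryptography.X509Certificates.X509Certificate2]$Certificate
    )
    try {
        $key = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPrivateKey($Certificate)
    } catch {
        # Typical for LocalMachine keys when the session is not elevated.
        return 'Unknown (key not accessible)'
    }
    if ($null -eq $key) { return 'Unknown (no RSA private key)' }

    if ($key -is [System.Security.Cryptography.RSACng]) {
        # CNG key: ExportPolicy is a flags enum. AllowExport = 1, AllowPlaintextExport = 2.
        $policy = $key.Key.ExportPolicy
        $exportBits = [int][System.Security.Cryptography.CngExportPolicies]::AllowExport -bor
                      [int][System.Security.Cryptography.CngExportPolicies]::AllowPlaintextExport
        if (([int]$policy -band $exportBits) -ne 0) { return "Exportable ($policy)" }
        return 'NonExportable'
    }
    if ($key -is [System.Security.Cryptography.RSACryptoServiceProvider]) {
        # Legacy CryptoAPI key: the container records the exportable flag.
        if ($key.CspKeyContainerInfo.Exportable) { return 'Exportable (CSP)' }
        return 'NonExportable'
    }
    return 'Unknown key type'
}

# Certificates without a private key cannot authenticate a VPN client, so skip them.
Get-ChildItem Cert:\CurrentUser\My, Cert:\LocalMachine\My |
    Where-Object { $_.HasPrivateKey -and ($_.EnhancedKeyUsageList.ObjectId -contains $ClientAuthOid) } |
    Select-Object Subject, Thumbprint, NotAfter,
        @{ Name = 'PrivateKey'; Expression = { Get-PrivateKeyExportability $_ } } |
    Format-Table -AutoSize
```

A result of `NonExportable` reflects the export policy recorded by the key storage provider; it does not by itself show that the key is hardware-backed.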
