Can I selectively enable users to connect with Azure VPN client authenticated against Azure Active Directory?

Question

Hi All,

I have successfully setup a test environment with Azure VPN Gateway SKU gwvpn1, Azure Active Directory tenant free plan, virtual network, Windows Server VM.

I have correctly registered Azure VPN application onto Azure Active Directory, configurated point to site connection with OpenVPN and Azure Active Directory authentication by VPN Gateway side, installed Azure VPN client on five Windows 10 Professional notebook and tested connection, all fine.

But, how can I selectively configure just those users enabled to connect through point to site VPN?

I mean: I could have many user accounts created on Azure Active Directory tenant but might just few need (or are allowed) to connect remotely through a point to site VPN.

Thanks in advance for any suggestion.

Regards,
R

Answer 1

@Roberto Sitzia Thank you for reaching out to Microsoft Q&A.

I understand that you want to setup selective access to P2S VPN AD users and wanted to know how to go about the same.

This is possible via Azure MFA or Azure Conditional Access both of which can provide you per user/per group access to the P2S VPN as needed. Please refer to this document for more details regarding the same.

Hope this helps. Please let us know if you have any further questions and we will be glad to assist you further. Thank you!

Remember:

Please accept an answer if correct. Original posters help the community find answers faster by identifying the correct answer. Here is how.

Want a reminder to come back and check responses? Here is how to subscribe to a notification.