Working with User VPN client profile files

The profile files contain information that is necessary to configure a VPN connection. This article helps you obtain and understand the information necessary for a User VPN client profile.

Download the profile

You can use the steps in the Download profiles article to download the client profile zip file.

Extract the zip file

Extract the zip file. The file contains the following folders:

Retrieve information

In the AzureVPN folder, navigate to the azurevpnconfig.xml file and open it with Notepad. Make a note of the text between the following tags.

<audience>          </audience>
<issuer>            </issuer>
<tennant>           </tennant>
<fqdn>              </fqdn>
<serversecret>      </serversecret>

Profile details

When you add a connection, use the information you collected in the previous step for the profile details page. The fields correspond to the following information:

  • Audience: Identifies the recipient resource the token is intended for.
  • Issuer: Identifies the Security Token Service (STS) that emitted the token as well as the Microsoft Entra tenant.
  • Tenant: Contains an immutable, unique identifier of the directory tenant that issued the token.
  • FQDN: The fully qualified domain name (FQDN) on the Azure VPN gateway.
  • ServerSecret: The VPN gateway preshared key.

Folder contents

  • The generic folder contains the public server certificate and the VpnSettings.xml file. The VpnSettings.xml file contains information needed to configure a generic client.

  • The downloaded zip file may also contain WindowsAmd64 and WindowsX86 folders. These folders contain the installer for SSTP and IKEv2 for Windows clients. You need admin rights on the client to install them.

  • The OpenVPN folder contains the ovpn profile that needs to be modified to include the key and the certificate. For more information, see Configure OpenVPN clients.

Next steps

For more information about Virtual WAN User VPN, see Create a User VPN connection.