On the Virtual Hub page, in the left pane, select User VPN (Point to site). To check if a hub is included in the global VPN profile, go to the Virtual WAN. If you do, the VPN client won't be load balanced to connect to that hub's gateway. However, you can choose to exclude a hub from the global VPN profile. Include or exclude a hub from a global profileīy default, every hub that uses the same User VPN Configuration is included in the global VPN profile that you generate and download. The contents of the package depend on the hubs and the authentication and tunnel type choices for the configuration that you selected. A profile package (zip file) containing VPN client configuration settings is generated and downloads to your computer. On the Download virtual WAN user VPN page, select EAPTLS, then click Generate and download profile. Then, click Download virtual WAN user VPN profile. However, if we selected the line with Hub6, the profile configuration files would be different because Hub6 uses a different User VPN Configuration.Ĭlick a line containing the User VPN Configuration you want to use. ![]() ![]() In the example, we selected the line with Hub2, but selecting Hub3 or Hub1 would generate the same profile configuration files. If you want to limit your VPN users to connect to only one hub (you don't want to use a global profile), use the Hub profile steps instead. The profile files that you generate from this page align to the User VPN Configuration, not a particular hub. In a global profile, when hubs use the same User VPN Configuration, you can click any hub row that has the User VPN Configuration you want. In the following example, you see multiple rows with hubs that use the same User VPN Configuration. Click the > to expand and view the hub names. In the Hub column, you'll see the hubs that are associated to each User VPN configuration. On the User VPN configurations page you'll see all of the User VPN configurations that you've created for your virtual WAN. In the left pane, select User VPN configurations. To generate and download VPN client profile configuration files, use the following steps: Additionally, ensure your RADIUS server is configured to accept authentication requests from the RADIUS proxy IP addresses of all point-to-site VPN gateways using this VPN configuration. If a point-to-site VPN configuration used for a global profile is configured to authenticate users using the RADIUS protocol, make sure "Use Remote/On-premises RADIUS server" is turned on for all point-to-site VPN gateways using that configuration. If a user connects to the global profile associated with the User VPN configuration, they'll connect to the closest Virtual WAN hub based on their location. This is especially useful if you have users that travel between multiple locations frequently.įor example, a User VPN Configuration is associated with two different hubs for the same virtual WAN, one in West US and one in Southeast Asia. A user connected to the global profile is directed to the hub that's closest to the user's geographic location. However, you can choose to exclude hubs from the Global Traffic Manager if necessary. The Global Traffic Manager includes all active User VPN hubs that are using that User VPN configuration. The global profile associated with a User VPN configuration points to a Global Traffic Manager. This article helps you generate VPN client configuration files for both types of profiles. The type of profile you choose depends on whether you want the VPN client to connect to a geographically load-balanced WAN-level profile (global profile), or you want to restrict the VPN client to connect only to a certain hub (hub profile). ![]() Azure Virtual WAN offers two types of connection profiles for User VPN clients: global profiles and hub profiles.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |