Azure Point to Site VPN yapabilmek için öncelikle hazırlmamız gereken self sign sertifikalar için aşağıdaki powershell komutu kullanılabilir.
Root Sertifika için
$cert = New-SelfSignedCertificate -Type Custom -KeySpec Signature -Subject “CN=RootVolsys” -KeyExportPolicy Exportable -HashAlgorithm sha256 -KeyLength 2048 -CertStoreLocation “Cert:\CurrentUser\My” -KeyUsageProperty Sign -KeyUsage CertSign $certdata=cert.Export([System.Security.Cryptography.X509Certificates.X509ContentType]::Cert) $certstring = [Convert]::ToBase64String($certdata) $certstring | clip
Client Sertifika için
New-SelfSignedCertificate -Type Custom -KeySpec Signature -Subject “CN=ClientVolsys” -KeyExportPolicy Exportable -HashAlgorithm sha256 -KeyLength 2048 -CertStoreLocation “Cert:\CurrentUser\My” -Signer $cert -TextExtension @(“2.5.29.37={text}1.3.6.1.5.5.7.3.2”)
![Machine generated alternative text:
Microsoft Azure (Preview) Report a bug
p Search resources, services, and docs (G +1')
MICROSOFT
Create a resource
Dashboard
— All services
FAVORITES
t) Resource groups
All resources
Recent
App Services
[4] Virtual machines (classic)
Virtual machines
SQL databases
O Cloud services (classic)
Subscriptions
Azure Active Directory
(9
Monitor
Security Center
st Management + Billing
Help + support
dvlsor
Dashboard > All resources > AZGTWVOLSYS > AZNETVOLSYS > AZGTWVOLSYS - Point-to-site configuration
AZGTWVOLSYS - Point-to-site configuration
O Directoy: Microsoft
Virtual network gateway
x
Search (Ctrl+/)
erv•ew
Activity log
Access control (IAM)
Tags
Diagnose and solve problems
Save X Discard
Address pool
10.2.1.0/24
Tunnel type
IKEv2 and SST? (SSL)
Authentication type
• Azure certificate
Root certificates
NAME
RootVolsys
Revoked certificates
NAME
Allocated IP addresses
10.2.1.2
Download VPN client
RADIUS authentication
Settings
Configuration
Connections
Point-to-site configuration
Properties
Locks
Export template
Monitoring
Logs
lerts
Metrics
Support + troubleshooting
Resource health
Reset
PUBLIC CERTIFICATE DATA
MllC5TCCAc2gAwlBAglQUsUHnZ/Tf5BJMR4d20Dr+jANagkqhkiG9w08AQsFADAV MRMwEQYDVQC .
THUMBPRINT](https://volkandemircidotorg.files.wordpress.com/2019/10/cert.png?w=1024)
| Sertifika | Konumu (Location) |
| Client.pfx | Current User\Personel\Certificates |
| Root.cer | Local Computer\Trusted Root Certification Authorities |
Azure Security - Cyber Security 