Specify Azure requirements for Azure Network Adapter

2.2 Point-to-Site (P2S) VPN Connectivity

📘Microsoft Azure Networking Solutions (AZ-700)

1. What is an Azure Network Adapter?

The Azure Network Adapter is a Windows feature that simplifies connecting a Windows 10, Windows 11, or Windows Server machine to an Azure Virtual Network (VNet) using a Point-to-Site (P2S) VPN.

  • It eliminates the need to manually configure VPN client profiles.
  • It automatically installs and configures the necessary VPN client on your machine.
  • Useful for connecting an individual workstation or server directly to a VNet for testing, remote administration, or small-scale scenarios.

Key fact: The Azure Network Adapter is only available on Windows systems (Windows 10, 11, or Server 2019+).

2. Azure Requirements for Using Azure Network Adapter

Before you can use Azure Network Adapter, your environment must meet certain requirements. These fall into Azure prerequisites and local machine prerequisites.

A. Azure Prerequisites

  1. Azure Subscription
    • You must have an active Azure subscription.
    • You need permissions to create a virtual network gateway in that subscription. Typically, the user should have Contributor or Network Contributor role.
  2. Virtual Network Gateway
    • P2S connections require a VPN gateway configured in the Azure VNet.
    • Supported gateway types:
      • Route-based VPN gateways only.
      • Examples of supported SKUs:
        • VpnGw1, VpnGw2, VpnGw3 for standard workloads.
        • VpnGw1AZ, VpnGw2AZ if you need high availability.
    • Gateway must have Point-to-Site configuration enabled.
  3. Point-to-Site Configuration
    • You must configure IP address pool for P2S clients (e.g., 172.16.201.0/24).
    • Authentication type must be specified:
      • Azure Certificate Authentication (Root and Client certificates)
      • Azure Active Directory (Azure AD) Authentication
      • RADIUS Authentication (for integration with on-premises NPS)
    • The chosen authentication must match the method supported by the Azure Network Adapter.
  4. Supported VPN Protocols
    • Azure Network Adapter supports IKEv2 and OpenVPN (SSL).
    • SSTP is automatically handled but is generally used as a fallback.

B. Local Machine Requirements

  1. Operating System
    • Windows 10 or 11 (Pro, Enterprise, or Education editions)
    • Windows Server 2019 or later
  2. Administrator Privileges
    • You need local admin rights on the machine to install the VPN client and configure network adapters.
  3. Internet Connectivity
    • The machine must be able to reach the Azure VPN gateway over the Internet.
    • Required ports:
      • UDP 500 and 4500 (for IKEv2)
      • TCP 443 (for OpenVPN)
  4. Azure PowerShell or Azure Portal Access
    • You must be able to sign in to Azure using your account.
    • Azure Network Adapter setup uses Windows GUI + Azure authentication, which pulls configuration automatically.
  5. Certificates (if using certificate-based authentication)
    • Root certificate must be uploaded to Azure.
    • Client certificate must be installed on your machine.
    • Without proper certificates, the adapter cannot establish a connection.

3. Limitations and Considerations

  • Single machine connection: Each Azure Network Adapter connects one machine at a time to the VNet.
  • No cross-platform support: Linux or macOS clients cannot use Azure Network Adapter.
  • Automatic IP assignment: The adapter automatically uses the P2S client IP pool from Azure.
  • No multi-hop routing: By default, P2S clients cannot route traffic between other VNets unless additional configuration (like VNet peering) is done.

4. Steps to Enable Azure Network Adapter (Exam-level Knowledge)

  1. Create or select a VNet in Azure.
  2. Deploy a VPN gateway in that VNet.
  3. Configure Point-to-Site settings:
    • IP address pool
    • Authentication type
    • VPN protocols
  4. On your Windows machine:
    • Open Azure Portal → navigate to your VPN gateway
    • Click Connect, then Download VPN client
    • Run the installer (Azure Network Adapter handles installation)
  5. Connect and verify:
    • Check IP address assigned from the P2S pool
    • Verify connectivity to Azure resources

5. Exam Tips

  • Know the difference between P2S VPN and S2S VPN.
  • Remember Azure Network Adapter = Windows only, single machine, simplifies P2S VPN setup.
  • Know requirements for Azure gateway, OS, authentication, and connectivity.
  • Be familiar with supported VPN protocols: IKEv2 and OpenVPN.

Summary Table: Requirements

Requirement TypeDetails
Azure SubscriptionActive subscription with Contributor/Network Contributor role
VPN GatewayRoute-based VPN gateway (VpnGw1+), P2S enabled
Authentication TypeCertificate, Azure AD, or RADIUS
VPN ProtocolIKEv2 or OpenVPN
Local OSWindows 10/11 or Server 2019+
Admin RightsRequired to install adapter
Internet PortsUDP 500/4500 (IKEv2), TCP 443 (OpenVPN)
CertificatesRoot + client certs (if certificate authentication used)

This section is highly exam-relevant. If you memorize these points, you’ll be able to answer questions on requirements, setup, limitations, and supported configurations for Azure Network Adapter and P2S VPN.

Buy Me a Coffee

Powered by
Necessary cookies enable essential site features like secure log-ins and consent preference adjustments. They do not store personal data.
None
Functional cookies support features like content sharing on social media, collecting feedback, and enabling third-party tools.
None
Analytical cookies track visitor interactions, providing insights on metrics like visitor count, bounce rate, and traffic sources.
None
Advertisement cookies deliver personalized ads based on your previous visits and analyze the effectiveness of ad campaigns.
None
Powered by