DRAG DROP
Your company has a main office and several branch offices.
You create an Azure subscription and you deploy several virtual machines. The virtual machines are located in
multiple subnets.
You need to provide remote access to the virtual machines to five users in each office by using a VPN
connection. The remote access connections will not require a VPN device nor a public-facing IP address in
order to work.
Which three actions should you perform in sequence before you download the VPN client on each computer?
To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the
correct order.
Select and Place:
Answer: 
Correct:
Point-to-Site native Azure certificate authentication connections require the following:+
•A RouteBased VPN gateway.
•The public key (.cer file) for a root certificate, which is uploaded to Azure. Once the certificate is uploaded, it is considered a trusted certificate and is used for authentication.
•A client certificate that is generated from the root certificate and installed on each client computer that will connect to the VNet. This certificate is used for client authentication.
•A VPN client configuration. The VPN client configuration files contain the necessary information for the client to connect to the VNet. The files configure the existing VPN client that is native to the operating system. Each client that connects must be configured using the settings in the configuration files.
https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-point-to-site-resource-manager-portal
10
0
Wrong Answer.
1. Create a point-to-site VPN.
2. Generate a self-signed root certificate and upload the certificate to Azure.
3. Generate a self-signed computer certificate for each client computer and install the respective certificate on each client computer.
Source: https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-point-to-site-classic-azure-portal
1. Create a virtual network and a VPN gateway
2. Create gateway subnet and a dynamic routing gateway
3. Create certificates
a. Part 1: Obtain the public key (.cer) for the root certificate
b. Part 2: Generate a client certificate
4. Upload the root certificate .cer file
5. Generate and install the VPN client configuration package
6. Install the client certificate
7. Connect to Azure
1
2