How to configure a Virtual Network and a VPN in Windows Azure

In this post i am going to write how to create a Virtual Network on Windows Azure and how to connect to that Virtual Network by using a VPN.

Let me start creating a new Virtual Network by clicking on Network Services –> Virtual Network –> Custom Create


This Action is going to show a wizard where we can introduce the name of the new Virtual Network (LabVN) and where we will create a affinity group for this network (LabAffinityGroupName).

As a second step we have to add the DNS server which is going to resolve the name of our servers. In this case we don’t need a DNS server because we are going to access to the servers by using their ip address.

In this step we have to define the type of our Virtual Network as well:

POINT-TO-SITE CONNECTIVITY: this option enables you to setup a VPN connection between individual computers and the Virtual Network.

SITE-TO-SITE CONNECTIVITY: this option enables you to setup a connection between our on-premise network and the Virtual Network in Windows Azure.


In the next step we can add the addresses space:


Then we have to define the subnet for every Addresses space and a gateway which is going allow to connect to this network.


Finally we will verify the settings introduced previously and will create the Network.

Once the Virtual Network is created we have to open the Dashboard and click on Create Gateway.

To be able to connect to this Virtual Network, we have to upload a root certificate which is going to allow to securize the connectivity between the client’s machine and the Virtual Network. Every machine trying to connect to the Virtual Network should have a client certificate in other case even you won’t be able to connect even you are using the VPN.

Creating a Root Certificate

To create a root certificate we have to open a Visual Studio Command Prompt as a administrator and runnning the command below:

makecert -sky exchange -r -n “CN= LabVPNRootCertificate” -pe -a sha1 -len 2048 -ss My “LabVPNRootCertificate.cer”

Once we have created the root certificate we have to upload it to Windows Azure. To do that, click on Certificates in the Virtual Network administration and upload the file .CER created previously.

The next step is creating a client’s certificate  based on the root certificate created above.

makecert.exe -n “CN=LabVPNClientCertificate” -pe -sky exchange -m 96 -ss My -in “LabVPNRootCertificate” -is my -a sha1

After creating the certificates we can go back to Dashboard and will see two new links:


This links are going to download a small package that will install automatically the VPN in our machine.


Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>