One of the most common questions we get asked at Private Internet Access is, “How do I create a VPN on Azure?” It’s a common enough question that we decided to dedicate an entire blog post to it. In this post, you’ll learn about the process of creating a Virtual Private Network (VPN) on Azure.
Why Should I Create a VPN on Azure?
One of the main reasons people ask about creating a VPN on Azure is to avoid paying for data charges when using public Wi-Fi. Since most public Wi-Fi hotspots are hotspots created by large telecom companies, which are in turn are paid for by advertisers or the government, there’s typically no way to confirm how great the service will be before you sign up for it. And what if you need to use a service frequently? Won’t you end up spending a lot of money on data charges?
Creating a VPN on Azure can also help protect your privacy. As we’ve discussed on this blog, public Wi-Fi is not exactly a private space. While there’s no clear evidence that your personal information is actually being collected and shared by companies, there’s also no clear evidence that it’s not. And who knows – maybe it is! So, if you’re really paranoid, you can always create a VPN to hide your identity while using public Wi-Fi.
Another reason to create a VPN on Azure is to get a sense of independence from internet service providers. If you ever read our blog, you’ll know that we believe strongly in the value of independence for our customers. A little independence goes a long way, especially if you’ve been burned by your internet service provider in the past (we’ve all been there). If you really want to be independent, the last thing you want is to be locked into another contract with another internet service provider. When you’re forced to choose between the lesser of two evils, it’s generally considered a bad decision (at least, in terms of consumer protection).
What Is a VPN On Azure?
A VPN on Azure is simply a Virtual Private Network (VPN) set up on the Azure platform. In our case, we’ll be using the Azure ExpressRoute feature to create our VPN, as this is exactly what we need. The Azure ExpressRoute is, in short, a private connection between two locations that doesn’t go through a public network (such as the internet) – it uses a private network (located within an Azure data center, for example) to achieve this. More on this below.
Create A VPN On Azure With These Steps
Let’s get down to the nitty-gritty of setting up a VPN on Azure. You can follow these simple steps to set up your VPN on Azure and get started using it immediately.
Step 1: Select The Product
The first thing you’ll need to do is pick the product you need to use. You’ve got a few options here, as Microsoft offers both ExpressRoute and VPN, and the two are not mutually exclusive. We’ll be using ExpressRoute for our example, as this is what we need, but you can choose whichever one you prefer. You’ll also need to decide if you want to integrate your VPN with Windows or macOS clients. Since we’re using ExpressRoute for our example, the VPN will only be accessible from within Microsoft’s Azure ecosystem, so Windows devices will be the best choice. (If you’re on a Mac, you can use the built-in VPN app to connect to your VPN.) Also, make sure you pick a reputable company that is consistent across all locations – if you have questions about the company, do some research online before making a decision.
Step 2: Configure The Product
Next, you’ll need to configure the product you’ve chosen. This means entering the information needed for the VPN, including the name you want to give it, a description, and so on. You can also choose the security protocol you’ll be using, the length of the encryption key, and whether or not you want to integrate with Microsoft accounts. You can set up a VPN on Azure with strong or VPN encryption, as well as open or close network access based on your needs. A good rule of thumb is to use the “strong” setting for your VPN and the “open” setting for any Wi-Fi networks you might connect to through it – this way, nobody will be able to snoop on your internet connection, but you’ll be able to access the internet as usual whenever you need to. Don’t worry – changing these settings on Azure is super easy (and we’ll show you how later in this article).
Step 3: Create Your Network
Once you’ve configured your product, it’s time to create your network. This part is pretty straightforward – just pick a name for your network (example: “My Network”) and optionally enter a description. You’ll then be presented with a summary of what you’ve entered. At this point, you can either click the Create button (if you’re using ExpressRoute) or the Continue button (if you’re using VPN) to start creating your network. There are three steps here:
Step 3a: Configure Your Subnets
The first thing you’ll need to do is configure your subnets. A subnet is a range of IP addresses that can be used by different networks, devices, or applications to communicate with each other. In our case, we’ll need to create a subnet for the VPN, so let’s enter the relevant information and click Create.
Within the next few minutes, you’ll receive a notification that your subnet is now available. You can use this subnet to connect to the VPN, so click the green check mark to complete the process. (If you’re using VPN, this step is automatically handled for you.)
Step 3b: Associate Your VPN With An Active Directory Domain
Once you’ve created your VPN network, the next step is to associate it with an active directory domain. An active directory domain is a group of users and computers that have a common set of identity and access management policies. For instance, if you’re using Windows, open a Windows PowerShell console and type:
This will make PowerShell print out all the information about the VPN you’ve created.
This information will help you identify your VPN and its settings. Once you’ve done this, you can create additional VPNs within your active directory, or change the settings for existing VPNs, as necessary. (If you’re using ExpressRoute for your VPNs, this step is automatically handled for you.)
Step 3c: Test Your VPN Connection
Finally, it’s time to test your VPN connection. To do this, open a new browser window and enter the URL for your VPN, followed by a space and then the Domain Name System (DNS) record for your network (e.g., myvpn.vpn). If you’ve created a subnet for your VPN, you can use the IP address range of this subnet to test the connection. (If you’ve used DNS to name your network, you will need to use the DNS entries for your VPN to connect.)
As you can see, the above steps are very straightforward and should only take a few minutes to complete. Let’s now move on to configuring your VPN on Azure.
Step 4: Configure Your VPN On Azure
Now that you’ve configured your VPN and tested it, it’s time to set it up on Azure. This step is very similar to the previous one, with the exception that you’ll be using different settings for your VPN. Let’s now enter the information needed for your VPN on Azure, including the name, description, and so on. You can also choose the location for your Azure data center and the country you’d like to be available in. (You can check the status of your VPN under the Networks tab in the Azure portal – if you created a subnet for it, then this step is automatically handled for you.)
Step 4a: Select Your Region
The first step in configuring your VPN on Azure is to pick a region for it. You’ve got four options here: Northeast US, Southeast US, West US, and South Central US. (It would be best to choose a region that’s close to you, so that you can provide timely support if needed.)