question

FlorianLacroix-0388 avatar image
0 Votes"
FlorianLacroix-0388 asked GitaraniSharmaMSFT-4262 answered

Azure VPN Client Security

Hi everyone !

I've a question about Azure VPN Client.

I would like to know what is the security about the client by himself.

I saw that seems any users can edit config files of the VPN and import it as they want...

I would like to know if it's possible to block that and just allow administrator of the compagny to manage this part and don't allow any basic user to change settings of the Azure VPN Client.

Cordially,
Florian Lacroix

azure-vpn-gateway
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

GitaraniSharmaMSFT-4262 avatar image
0 Votes"
GitaraniSharmaMSFT-4262 answered

Hello @FlorianLacroix-0388 ,

Welcome to Microsoft Q&A Platform. Thank you for reaching out & hope you are doing well.

I understand that you would like to know if it's possible to block users to change the settings of the Azure VPN Client and just allow administrator of the company to manage this part.

Could you validate if you are referring to the VPN client that can be downloaded from the Azure portal?

If your users have access to Azure portal and the VPN gateway, you could restrict the permissions with RBAC custom roles and assign "NotActions" properties for P2S VPN resource level roles to all the users such as the below:

Microsoft.Network/p2sVpnGateways/read - Gets a P2SVpnGateway.
Microsoft.Network/p2sVpnGateways/write - Puts a P2SVpnGateway.
Microsoft.Network/p2sVpnGateways/generatevpnprofile/action - Generate Vpn Profile for P2SVpnGateway.

Refer : https://docs.microsoft.com/en-us/azure/role-based-access-control/resource-provider-operations#networking
https://docs.microsoft.com/en-us/azure/role-based-access-control/custom-roles

Kindly let us know if the above helps or you need further assistance on this issue.


Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.