Configure Point-to-Site Connection

CE

To configure a point-to-site connection from VNet1 to an on-premises computer, we need to perform the following two actions:

F. Add a connection to GW1: We need to add a point-to-site connection to the policy-based virtual network gateway (GW1) that is already present in the Azure subscription. A point-to-site connection is a secure connection between the virtual network and an individual computer or device over the internet. To add a point-to-site connection, we can follow the below steps:

1. In the Azure portal, open the GW1 virtual network gateway.

2. In the Settings section, click on Point-to-site configuration.

3. Click on Configure Now.

4. In the Address pool section, specify the IP address range that we want to use for the point-to-site VPN clients.

5. In the Root certificate section, upload the root certificate that will be used to authenticate the VPN clients.

6. In the VPN client section, download the VPN client package that will be used to configure the connection on the on-premises computer.

A. Add a service endpoint to VNet1: We also need to add a service endpoint to VNet1. A service endpoint is a direct connection from a virtual network to a service. By adding a service endpoint to VNet1, we ensure that traffic from the virtual network to the on-premises computer flows through the policy-based virtual network gateway (GW1) and is encrypted. To add a service endpoint, we can follow the below steps:

1. In the Azure portal, open the VNet1 virtual network.

2. In the Settings section, click on Service endpoints.

3. Click on Add.

4. In the Add service endpoint section, select the service that we want to connect to.

5. In the Configure section, select the policy-based virtual network gateway (GW1) from the Gateway dropdown list.

6. Click on OK to add the service endpoint.

Therefore, the correct actions are F and A.