Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a computer named Computer1 that has a point-to-site VPN connection to an Azure virtual network named VNet1. The point-to-site connection uses a self-signed certificate.
From Azure, you download and install the VPN client configuration package on a computer named Computer2.
You need to ensure that you can establish a point-to-site VPN connection to VNet1 from Computer2.
Solution: You modify the Azure Active Directory (Azure AD) authentication policies.
Does this meet the goal?
A. B.
Answer: B
Instead, export the client certificate from Computer1 and install the certificate on Computer2.
Note:
Each client computer that connects to a VNet using Point-to-Site must have a client certificate installed. You generate a client certificate from the self-signed root certificate, and then export and install the client certificate. If the client certificate is not installed, authentication fails.
https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-certificates-point-to-site
No, modifying the Azure AD authentication policies will not enable the point-to-site VPN connection from Computer2 to VNet1.
The scenario mentions that the point-to-site VPN connection between Computer1 and VNet1 uses a self-signed certificate. Therefore, to enable the point-to-site VPN connection from Computer2 to VNet1, the VPN client configuration package needs to be installed on Computer2 along with the root certificate that was used to generate the self-signed certificate on Computer1.
The root certificate can be exported from Computer1 and then imported into the Trusted Root Certification Authorities store on Computer2. Alternatively, the root certificate can be uploaded to Azure and then downloaded and installed along with the VPN client configuration package on Computer2.
Modifying Azure AD authentication policies is not relevant to establishing a point-to-site VPN connection in this scenario. Azure AD authentication policies are used to configure authentication options for users signing in to Azure AD and accessing Azure resources, such as multi-factor authentication and conditional access policies.
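The client-certificate requirement from the note above, as an added PowerShell example (not part of the original page or of Microsoft's documentation): it exports the client certificate on Computer1, imports it on Computer2, and checks that a usable certificate is actually present. The function names, `$RootSubject` and `$PfxPath` are hypothetical placeholders.

```powershell
# Added example. $RootSubject and $PfxPath are placeholders, not values from the page.
$RootSubject = 'CN=<P2S-root-certificate-name>'   # subject of the self-signed root certificate
$PfxPath     = 'C:\Temp\P2SClient.pfx'            # constructed transfer path

function Get-P2SClientCertificate {
    # Returns certificates in the current user's Personal store that can be used
    # for point-to-site authentication: issued by the root, private key present,
    # not expired, and carrying the Client Authentication EKU.
    param([Parameter(Mandatory)][string]$IssuerSubject)
    $clientAuthOid = '1.3.6.1.5.5.7.3.2'
    Get-ChildItem -Path Cert:\CurrentUser\My | Where-Object {
        $_.Issuer -eq $IssuerSubject -and
        $_.HasPrivateKey -and
        $_.NotAfter -gt (Get-Date) -and
        $_.EnhancedKeyUsageList.ObjectId -contains $clientAuthOid
    }
}

function Export-P2SClientCertificate {
    # Run on Computer1. Fails if the private key was not marked exportable.
    param([string]$IssuerSubject, [string]$Path, [securestring]$Password)
    $cert = Get-P2SClientCertificate -IssuerSubject $IssuerSubject | Select-Object -First 1
    if (-not $cert) { throw "No usable client certificate issued by $IssuerSubject was found." }
    # The PFX contains the private key, so it is always password-protected here.
    Export-PfxCertificate -Cert $cert -FilePath $Path -Password $Password -ChainOption BuildChain
}

function Import-P2SClientCertificate {
    # Run on Computer2 after copying the PFX over a trusted channel.
    param([string]$IssuerSubject, [string]$Path, [securestring]$Password)
    Import-PfxCertificate -FilePath $Path -CertStoreLocation Cert:\CurrentUser\My -Password $Password | Out-Null
    Remove-Item -Path $Path   # do not leave the private key lying on disk
    $found = Get-P2SClientCertificate -IssuerSubject $IssuerSubject
    if (-not $found) { throw "Import finished but no usable client certificate is installed; authentication will fail." }
    $found | Select-Object Subject, Thumbprint, NotAfter
}

# Computer1:
#   $pw = Read-Host -AsSecureString 'PFX password'
#   Export-P2SClientCertificate -IssuerSubject $RootSubject -Path $PfxPath -Password $pw
# Computer2:
#   $pw = Read-Host -AsSecureString 'PFX password'
#   Import-P2SClientCertificate -IssuerSubject $RootSubject -Path $PfxPath -Password $pw
```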