Merge pull request #287250 from cherylmc/VWAN-MFA

VPN Gateway and Virtual WAN Audience ID values

Author: prmerger-automator[bot]

articles/virtual-wan/openvpn-azure-ad-tenant.md

@@ -5,9 +5,10 @@ titleSuffix: Azure Virtual WAN
 author: cherylmc
 ms.service: azure-virtual-wan
 ms.topic: how-to
-ms.date: 11/21/2023
+ms.date: 09/24/2024
 ms.author: cherylmc
 
+#Note that Audience values are not sensitive data. 
 ---
 
 # Configure a Microsoft Entra tenant for P2S User VPN OpenVPN protocol connections

articles/virtual-wan/virtual-wan-point-to-site-azure-ad.md

@@ -7,9 +7,11 @@ author: cherylmc
 
 ms.service: azure-virtual-wan
 ms.topic: how-to
-ms.date: 11/21/2023
+ms.date: 09/24/2024
 ms.author: cherylmc 
 
+#Audience ID values are not sensitive data.
+
 ---
 # Create a P2S User VPN connection using Azure Virtual WAN - Microsoft Entra authentication
 
@@ -68,14 +70,14 @@ A User VPN configuration defines the parameters for connecting remote clients. I
 
     Toggle **Microsoft Entra ID** to **Yes** and supply the following values based on your tenant details. You can view the necessary values on the Microsoft Entra ID page for Enterprise applications in the portal.
    * **Authentication method** - Select Microsoft Entra ID.
-   * **Audience** - Type in the Application ID of the [Azure VPN](openvpn-azure-ad-tenant.md) Enterprise Application registered in your Microsoft Entra tenant.
+   * **Audience** - Type the Application ID of the Azure VPN Client Enterprise Application registered in your Microsoft Entra tenant. For values, see: [Azure VPN Client Audience values](openvpn-azure-ad-tenant.md)
    * **Issuer** - `https://sts.windows.net/<your Directory ID>/`
-   * **Microsoft Entra tenant:** TenantID for the Microsoft Entra tenant. Make sure there is no `/` at the end of the Microsoft Entra tenant URL. 
+   * **Microsoft Entra tenant:** TenantID for the Microsoft Entra tenant. Make sure there is no `/` at the end of the Microsoft Entra tenant URL.
 
-     * Enter `https://login.microsoftonline.com/{AzureAD TenantID}` for Azure Public AD
-     * Enter `https://login.microsoftonline.us/{AzureAD TenantID}` for Azure Government AD
-     * Enter `https://login-us.microsoftonline.de/{AzureAD TenantID}` for Azure Germany AD
-     * Enter `https://login.chinacloudapi.cn/{AzureAD TenantID}` for China 21Vianet AD
+     * Enter `https://login.microsoftonline.com/<your Directory Tenant ID>` for Azure Public AD
+     * Enter `https://login.microsoftonline.us/<your Directory Tenant ID>` for Azure Government AD
+     * Enter `https://login-us.microsoftonline.de/<your Directory Tenant ID>` for Azure Germany AD
+     * Enter `https://login.chinacloudapi.cn/<your Directory Tenant ID>` for China 21Vianet AD
 
 1. Click **Create** to create the User VPN configuration. You'll select this configuration later in the exercise.
 

articles/vpn-gateway/openvpn-azure-ad-tenant.md

@@ -8,6 +8,8 @@ ms.topic: how-to
 ms.date: 08/14/2024
 ms.author: cherylmc
 
+#Note that Audience values are not sensitive data. 
+
 ---
 
 # Configure P2S VPN Gateway for Microsoft Entra ID authentication – manually registered app

includes/vpn-gateway-custom-audience.md

@@ -69,4 +69,4 @@ In this section, you associate the Microsoft-registered Azure VPN Client applica
 On the **Overview** page for your application, make a note of the following values that you need when you configure your point-to-site VPN gateway for Microsoft Entra ID authentication.
 
 * Application (client) ID: This is the custom Audience ID that you use for the **Audience** field when you configure your P2S VPN gateway.
-* Directory (tenent) ID: This value is part of the value required for the **Tenant** and **Issuer** field for the P2S VPN gateway.
+* Directory (tenant) ID: This value is part of the value required for the **Tenant** and **Issuer** field for the P2S VPN gateway.

includes/vpn-gateway-entra-app-id-descriptions.md

@@ -14,7 +14,7 @@ When possible, we recommend that you configure new P2S gateways using the Micros
 
 If you have an existing P2S gateway that you want to update to use a new Audience value, see [Change Audience for a P2S VPN gateway](../articles/vpn-gateway/point-to-site-entra-gateway-update.md). If you want to create or modify a custom Audience value, see [Create a custom audience app ID for P2S VPN](../articles/vpn-gateway/point-to-site-entra-register-custom-app.md). If you want to configure or restrict access to P2S based on users and groups, see [Scenario: Configure P2S VPN access based on users and groups](../articles/vpn-gateway/point-to-site-entra-users-access.md).
 
-Considerations and limitations:
+**Considerations and limitations**
 
 * A P2S VPN gateway can only support one Audience value. It can't support multiple Audience values simultaneously.
 
@@ -26,6 +26,8 @@ Considerations and limitations:
 
 * The Azure VPN Client for macOS and Windows is backward compatible with P2S gateways configured to use the older Audience values that align with the manually registered app. You can also use Custom Audience values with these clients.
 
+**Azure VPN Client Audience values**
+
 The following table shows the versions of the Azure VPN Client that are supported for each App ID and the corresponding available Audience values.
 
 [!INCLUDE [About the Microsoft-registered Azure VPN Client](vpn-gateway-entra-audience-values.md)]

includes/vpn-gateway-vwan-azure-ad-tenant.md

@@ -2,8 +2,10 @@
  author: cherylmc
  ms.service: azure-vpn-gateway
  ms.topic: include
- ms.date: 07/13/2022
+ ms.date: 09/24/2024
  ms.author: cherylmc
+
+#Note that Audience values are not sensitive data. 
 ---
 1. Sign in to the Azure portal as a user that is assigned the **Global administrator** role.