Merge pull request #278453 from MicrosoftDocs/release-preview-p2s

[Scheduled Publish] from release-preview-p2s to main -- 06/18/2024 10AM

Author: Albertyang0

articles/virtual-wan/certificates-point-to-site.md

@@ -19,6 +19,10 @@ If you don't have a computer that meets the operating system requirement, you ca
 
 [!INCLUDE [Generate and export - this include is for both vpn-gateway and virtual-wan](../../includes/vpn-gateway-generate-export-certificates-include.md)]
 
+## Linux
+
+For Linux steps, see [Generate self-signed certificates - Linux - OpenSSL](../vpn-gateway/point-to-site-certificates-linux-openssl.md) or [Generate self-signed certificates - Linux - strongSwan](../vpn-gateway/vpn-gateway-certificates-point-to-site-linux.md).
+
 ## Install an exported client certificate
 
 Each client that connects over a P2S connection requires a client certificate to be installed locally. For steps to install a certificate, see [Install client certificates](install-client-certificates.md).

articles/virtual-wan/install-client-certificates.md

@@ -6,7 +6,7 @@ author: cherylmc
 ms.service: virtual-wan
 ms.custom: linux-related-content
 ms.topic: how-to
-ms.date: 08/24/2023
+ms.date: 05/15/2024
 ms.author: cherylmc
 ---
 # Install client certificates for User VPN connections
@@ -25,7 +25,7 @@ If you want to generate a client certificate, see [Generate and export certifica
 
 ## <a name="installlinux"></a>Linux
 
-The Linux client certificate is installed on the client as part of the client configuration. Use the VPN Gateway [Client configuration - Linux](../vpn-gateway/point-to-site-vpn-client-cert-linux.md) instructions.
+The Linux client certificate is installed on the client as part of the client configuration. There are a few different methods to install certificates. You can use [strongSwan](../vpn-gateway/point-to-site-vpn-client-certificate-ike-linux.md) steps, or [OpenVPN client](../vpn-gateway/point-to-site-vpn-client-certificate-openvpn-linux.md).
 
 ## Next steps
 

articles/vpn-gateway/.openpublishing.redirection.vpn-gateway.json

@@ -15,6 +15,36 @@
             "redirect_url": "/azure/vpn-gateway/nva-work-remotely-support",
             "redirect_document_id": false
         },
+        {
+            "source_path_from_root": "/articles/vpn-gateway/vpn-gateway-howto-openvpn.md",
+            "redirect_url": "/azure/vpn-gateway/point-to-site-about#protocol",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/vpn-gateway/openvpn-azure-ad-client.md",
+            "redirect_url": "/azure/vpn-gateway/point-to-site-entra-vpn-client-windows",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/vpn-gateway/point-to-site-vpn-client-cert-linux.md",
+            "redirect_url": "/azure/vpn-gateway/point-to-site-certificate-client-linux-azure-vpn-client",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/vpn-gateway/openvpn-azure-ad-client-mac.md",
+            "redirect_url": "/azure/vpn-gateway/point-to-site-entra-vpn-client-mac",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/vpn-gateway/point-to-site-vpn-client-cert-windows.md",
+            "redirect_url": "/azure/vpn-gateway/point-to-site-entra-vpn-client-windows",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/vpn-gateway/howto-point-to-site-multi-auth.md",
+            "redirect_url": "/azure/vpn-gateway/point-to-site-about#authentication",
+            "redirect_document_id": false
+        },
         {
             "source_path_from_root": "/articles/vpn-gateway/point-to-site-vpn-client-configuration-radius.md",
             "redirect_url": "/azure/vpn-gateway/point-to-site-vpn-client-configuration-radius-certificate",

articles/vpn-gateway/TOC.yml

@@ -85,7 +85,7 @@
         href: vpn-gateway-delete-vnet-gateway-portal.md
       - name: Azure PowerShell
         href: vpn-gateway-delete-vnet-gateway-powershell.md
-  - name: Site-to-site
+  - name: Site-to-site (S2S)
     items:
     - name: Configure site-to-site connections
       items:
@@ -125,120 +125,112 @@
         href: vpn-gateway-connect-different-deployment-models-portal.md
       - name: Azure PowerShell
         href: vpn-gateway-connect-different-deployment-models-powershell.md
-  - name: Point-to-site
+  - name: Point-to-site (P2S)
     items:
-    - name: Server configuration
+    - name: Certificate authentication
       items:
-      - name: Azure certificate authentication
+      - name: P2S gateway configuration
         items:
-        - name: Configure a point-to-site VPN
+        - name: Azure portal
+          href: vpn-gateway-howto-point-to-site-resource-manager-portal.md
+        - name: Azure PowerShell
+          href: vpn-gateway-howto-point-to-site-rm-ps.md
+      - name: VPN client configuration
+        items:
+        - name: Windows clients
+          items:
+          - name: Native VPN client
+            href: point-to-site-vpn-client-certificate-windows-native.md
+          - name: Azure VPN client
+            href: point-to-site-vpn-client-certificate-windows-azure-vpn-client.md
+          - name: OpenVPN client
+            href: point-to-site-vpn-client-certificate-windows-openvpn-client.md
+        - name: Linux clients
           items:
-          - name: Azure portal
-            href: vpn-gateway-howto-point-to-site-resource-manager-portal.md
-          - name: Azure PowerShell
-            href: vpn-gateway-howto-point-to-site-rm-ps.md
-        - name: Generate self-signed certificates
+          - name: Azure VPN client
+            href: point-to-site-certificate-client-linux-azure-vpn-client.md
+          - name: OpenVPN client
+            href: point-to-site-vpn-client-certificate-openvpn-linux.md
+          - name: IKEv2 -strongSwan
+            href: point-to-site-vpn-client-certificate-ike-linux.md
+        - name: macOS and iOS clients
           items:
-          - name: Azure PowerShell
-            href: vpn-gateway-certificates-point-to-site.md
-          - name: Makecert
-            href: vpn-gateway-certificates-point-to-site-makecert.md
-          - name: Linux - OpenSSL
-            href: point-to-site-certificates-linux-openssl.md
-          - name: Linux - strongSwan
-            href: vpn-gateway-certificates-point-to-site-linux.md
-      - name: RADIUS authentication
+          - name: Native VPN client
+            href: point-to-site-vpn-client-cert-mac.md
+          - name: OpenVPN client - macOS
+            href: point-to-site-vpn-client-certificate-openvpn-mac.md
+          - name: OpenVPN client - iOS
+            href: point-to-site-vpn-client-certificate-openvpn-ios.md
+      - name: Generate self-signed certificates
         items:
-        - name: Configure a point-to-site VPN
-          href: point-to-site-how-to-radius-ps.md
-        - name: Integrate point-to-site VPN RADIUS authentication with NPS server
-          href: vpn-gateway-radius-mfa-nsp.md
-      - name: Microsoft Entra ID authentication
+        - name: Azure PowerShell
+          href: vpn-gateway-certificates-point-to-site.md
+        - name: Makecert
+          href: vpn-gateway-certificates-point-to-site-makecert.md
+        - name: Linux - OpenSSL
+          href: point-to-site-certificates-linux-openssl.md
+        - name: Linux - strongSwan
+          href: vpn-gateway-certificates-point-to-site-linux.md
+      - name: Install VPN client certificates
+        href: point-to-site-how-to-vpn-client-install-azure-cert.md
+    - name: Microsoft Entra ID authentication
+      items:
+      - name: P2S gateway configuration
         items:
-        - name: Configure a point-to-site VPN and tenant
+        - name: Configure P2S - Microsoft-registered VPN client
+          href: point-to-site-entra-gateway.md
+        - name: Configure P2S - manually registered VPN client
           href: openvpn-azure-ad-tenant.md
+        - name: Change Audience for P2S gateway
+          href: point-to-site-entra-gateway-update.md
         - name: Configure access based on users and groups
           href: openvpn-azure-ad-tenant-multi-app.md
         - name: Configure Multi-Factor Authentication (MFA)
           href: openvpn-azure-ad-mfa.md
-      - name: Specify multiple authentication types for a P2S connection
-        items:
-        - name: Configure certificate and Microsoft Entra ID authentication
-          href: howto-point-to-site-multi-auth.md          
-      - name: OpenVPN tunnel type
-        items:
-        - name: Configure OpenVPN tunnel type
-          href: vpn-gateway-howto-openvpn.md
-        - name: Move to OpenVPN protocol or IKEv2 from SSTP
-          href: ikev2-openvpn-from-sstp.md
-      - name: Configure Always On tunnels
+      - name: VPN client configuration
         items:
-        - name: Device tunnel
-          href: vpn-gateway-howto-always-on-device-tunnel.md
-        - name: User tunnel
-          href: vpn-gateway-howto-always-on-user-tunnel.md
-      - name: Point-to-site session management
-        href: p2s-session-management.md
-      - name: Advertise custom routes to point-to-site clients
-        href: vpn-gateway-p2s-advertise-custom-routes.md
-      - name: Create custom IPsec policies for point-to-site
-        href: create-custom-policies-p2s-ps.md
-    - name: Client configuration
+        - name: Windows clients
+          href: point-to-site-entra-vpn-client-windows.md
+        - name: Linux clients
+          href: point-to-site-entra-vpn-client-linux.md
+        - name: macOS clients
+          href: point-to-site-entra-vpn-client-mac.md
+      - name: Generate VPN client profile configuration files
+        href: about-vpn-profile-download.md
+    - name: RADIUS authentication
       items:
-      - name: Certificate authentication
+      - name: P2S gateway configuration
         items:
-        - name: Client workflow and configuration files
-          items:
-          - name: Windows computers
-            href: point-to-site-vpn-client-cert-windows.md
-          - name: macOS-iOS
-            href: point-to-site-vpn-client-cert-mac.md
-          - name: Linux
-            href: point-to-site-vpn-client-cert-linux.md
-        - name: Configure VPN clients
-          items:
-          - name: Install client certificates
-            href: point-to-site-how-to-vpn-client-install-azure-cert.md
-          - name: Windows clients
-            items:
-            - name: Native VPN client - Windows
-              href: point-to-site-vpn-client-certificate-windows-native.md
-            - name: Azure VPN client - Windows
-              href: point-to-site-vpn-client-certificate-windows-azure-vpn-client.md
-          - name: Linux clients
-            items:
-            - name: OpenVPN client
-              href: point-to-site-vpn-client-cert-linux.md#openvpn
-            - name: IKEv2 -strongSwan
-              href: point-to-site-vpn-client-cert-linux.md#ike
-          - name: macOS and iOS clients
-            items:
-            - name: Native VPN client - macOS
-              href: point-to-site-vpn-client-cert-mac.md
-            - name: OpenVPN client - macOS
-              href: point-to-site-vpn-client-cert-mac.md
-            - name: OpenVPN client - iOS
-              href: point-to-site-vpn-client-cert-mac.md
-      - name: RADIUS authentication
+        - name: Configure a point-to-site VPN
+          href: point-to-site-how-to-radius-ps.md
+        - name: Multifactor authentication - P2S RADIUS and NPS server
+          href: vpn-gateway-radius-mfa-nsp.md
+      - name: VPN client configuration
         items:
         - name: Certificate authentication clients
           href: point-to-site-vpn-client-configuration-radius-certificate.md
         - name: Password authentication clients
           href: point-to-site-vpn-client-configuration-radius-password.md
         - name: Other authentication protocols
           href: point-to-site-vpn-client-configuration-radius-other.md
-      - name: Microsoft Entra ID authentication
-        items:
-        - name: Windows
-          href: openvpn-azure-ad-client.md
-        - name: macOS
-          href: openvpn-azure-ad-client-mac.md
-        - name: Generate profile files
-          href: about-vpn-profile-download.md 
-      - name: Azure VPN Client - optional settings
-        href: azure-vpn-client-optional-configurations.md
-      - name: Azure VPN Client versions
-        href: azure-vpn-client-versions.md
+    - name: Configure Always On tunnels
+      items:
+      - name: Device tunnel
+        href: vpn-gateway-howto-always-on-device-tunnel.md
+      - name: User tunnel
+        href: vpn-gateway-howto-always-on-user-tunnel.md  
+    - name: Move to OpenVPN or IKEv2 from SSTP
+      href: ikev2-openvpn-from-sstp.md
+    - name: P2S session management
+      href: p2s-session-management.md
+    - name: Advertise custom routes to P2S clients
+      href: vpn-gateway-p2s-advertise-custom-routes.md
+    - name: Create custom IPsec policies for P2S
+      href: create-custom-policies-p2s-ps.md
+    - name: Azure VPN Client - optional settings 
+      href: azure-vpn-client-optional-configurations.md
+    - name: Azure VPN Client versions
+      href: azure-vpn-client-versions.md
     - name: Intune - Deploy VPN client profile
       href: vpn-profile-intune.md
   - name: Manage gateway SKUs

articles/vpn-gateway/about-vpn-profile-download.md

@@ -1,15 +1,15 @@
 ---
 title: 'P2S VPN client profile configuration files - Microsoft Entra authentication'
 titleSuffix: Azure VPN Gateway
-description: Learn how to generate P2S VPN client profile configuration files for Microsoft Entra authentication.
+description: Learn how to generate P2S VPN client profile configuration files for Microsoft Entra ID authentication.
 author: cherylmc
 ms.service: vpn-gateway
 ms.custom: devx-track-azurepowershell
 ms.topic: how-to
-ms.date: 03/22/2024
+ms.date: 05/15/2024
 ms.author: cherylmc
 ---
-# Generate P2S Azure VPN Client profile configuration files - Microsoft Entra authentication
+# Generate VPN Client profile configuration files - Microsoft Entra ID authentication
 
 This article helps you generate and extract VPN client profile configuration files. Client profile configuration files contain information that's used to configure your VPN client. The sections in this article explain the information needed to configure the Azure VPN Client profile for Azure VPN Gateway point-to-site configurations that use Microsoft Entra authentication.
 
@@ -19,7 +19,8 @@ This article helps you generate and extract VPN client profile configuration fil
 
 Configure VPN clients.
 
-* [Windows - Azure VPN Client - Microsoft Entra ID](openvpn-azure-ad-client.md).
-* [macOS - Azure VPN Client - Microsoft Entra ID](openvpn-azure-ad-client-mac.md).
+* [Linux ](point-to-site-entra-vpn-client-linux.md)
+* [Windows](point-to-site-entra-vpn-client-windows.md)
+* [macOS](point-to-site-entra-vpn-client-mac.md)
 
 For more information about point-to-site, see [About point-to-site](point-to-site-about.md).

articles/vpn-gateway/azure-vpn-client-optional-configurations.md

@@ -5,35 +5,24 @@ description: Learn how to configure optional configuration settings for the Azur
 author: cherylmc
 ms.service: vpn-gateway
 ms.topic: how-to
-ms.date: 03/18/2024
+ms.date: 05/15/2024
 ms.author: cherylmc
 
 ---
 # Azure VPN Client - configure optional DNS and routing settings
 
-This article helps you configure optional settings for the Azure VPN Client for VPN Gateway P2S connections. You can configure DNS suffixes, custom DNS servers, custom routes, and VPN client-side forced tunneling.
+This article helps you configure optional settings for the Azure VPN Client for VPN Gateway point-to-site (P2S) connections. You can configure DNS suffixes, custom DNS servers, custom routes, and VPN client-side forced tunneling.
 
 > [!NOTE]
 > The Azure VPN Client is only supported for OpenVPN® protocol connections.
 >
 
-## Before you begin
+## Prerequisites
 
-If you haven't already done so, make sure you complete the following items:
+The steps in this article assume that you have configured your P2S gateway and have downloaded the Azure VPN Client to connecting client computers. For steps, see the following articles:
 
-* Generate and download the VPN client profile configuration files for your P2S deployment. Use the following steps:
-
-  1. In the Azure portal, go to the virtual network gateway.
-  1. Click **Point-to-Site configuration**.
-  1. Click **Download VPN client**.
-  1. Select the client and fill out any information that is requested.
-  1. Click **Download** to generate the .zip file.
-  1. The .zip file will download, typically to your Downloads folder.
-
-* Download and install the Azure VPN Client. For steps, see one of the following articles:
-
-  * [Certificate authentication](point-to-site-vpn-client-certificate-windows-azure-vpn-client.md)
-  * [Microsoft Entra authentication](openvpn-azure-ad-client.md#download)
+* [Certificate authentication](vpn-gateway-howto-point-to-site-resource-manager-portal.md)
+* [Microsoft Entra ID authentication](point-to-site-entra-gateway.md)
 
 ## Working with VPN client profile configuration files
 
@@ -88,7 +77,7 @@ To add custom DNS servers, modify the downloaded profile XML file and add the **
 ```
 
 > [!NOTE]
-> The OpenVPN Microsoft Entra client utilizes DNS Name Resolution Policy Table (NRPT) entries, which means DNS servers will not be listed under the output of `ipconfig /all`. To confirm your in-use DNS settings, please consult [Get-DnsClientNrptPolicy](/powershell/module/dnsclient/get-dnsclientnrptpolicy) in PowerShell.
+> When using Microsoft Entra ID authentication, the Azure VPN Client utilizes DNS Name Resolution Policy Table (NRPT) entries, which means DNS servers will not be listed under the output of `ipconfig /all`. To confirm your in-use DNS settings, please consult [Get-DnsClientNrptPolicy](/powershell/module/dnsclient/get-dnsclientnrptpolicy) in PowerShell.
 >
 
 ## Routing