Merge pull request #104907 from cherylmc/faq2

add P2S remove configuration to FAQ

Author: PRMerger19

articles/vpn-gateway/point-to-site-about.md

@@ -1,12 +1,12 @@
 ---
-title: 'About Azure Point-to-Site VPN connections | Microsoft Docs'
+title: 'About Azure Point-to-Site VPN connections | VPN Gateway'
 description: This article helps you understand Point-to-Site connections and helps you decide which P2S VPN gateway authentication type to use.
 services: vpn-gateway
 author: cherylmc
 
 ms.service: vpn-gateway
 ms.topic: conceptual
-ms.date: 02/07/2020
+ms.date: 02/19/2020
 ms.author: cherylmc
 
 ---
@@ -49,16 +49,16 @@ At a high level, you need to perform the following steps to configure Azure AD a
 
 1. [Configure an Azure AD tenant](openvpn-azure-ad-tenant.md)
 
-2. [Enable Azure AD authentication on the gateway](https://docs.microsoft.com/azure/vpn-gateway/openvpn-azure-ad-tenant#enable-authentication)
+2. [Enable Azure AD authentication on the gateway](openvpn-azure-ad-tenant.md#enable-authentication)
 
 3. [Download and configure Azure VPN Client](https://go.microsoft.com/fwlink/?linkid=2117554)
 
 
 ### Authenticate using Active Directory (AD) Domain Server
 
-AD Domain authentication allows users to connect to Azure using their organization domain credentials. It requires a RADIUS server that integrates with the AD server. Organizations can also leverage their existing RADIUS deployment.   
+AD Domain authentication allows users to connect to Azure using their organization domain credentials. It requires a RADIUS server that integrates with the AD server. Organizations can also leverage their existing RADIUS deployment.
 
-The RADIUS server could be deployed on-premises or in your Azure VNET. During authentication, the Azure VPN Gateway acts as a pass through and forwards authentication messages back and forth between the RADIUS server and the connecting device. So Gateway reachability to the RADIUS server is important. If the RADIUS server is present on-premises, then a VPN S2S connection from Azure to the on-premises site is required for reachability.  
+The RADIUS server could be deployed on-premises or in your Azure VNet. During authentication, the Azure VPN Gateway acts as a pass through and forwards authentication messages back and forth between the RADIUS server and the connecting device. So Gateway reachability to the RADIUS server is important. If the RADIUS server is present on-premises, then a VPN S2S connection from Azure to the on-premises site is required for reachability.  
 
 The RADIUS server can also integrate with AD certificate services. This lets you use the RADIUS server and your enterprise certificate deployment for P2S certificate authentication as an alternative to the Azure certificate authentication. The advantage is that you don’t need to upload root certificates and revoked certificates to Azure.
 
@@ -152,9 +152,6 @@ The zip file also provides the values of some of the important settings on the A
 |TLS_RSA_WITH_AES_128_CBC_SHA256 |
 |TLS_RSA_WITH_AES_256_CBC_SHA256 |
 
-
-
-
 ## <a name="configure"></a>How do I configure a P2S connection?
 
 A P2S configuration requires quite a few specific steps. The following articles contain the steps to walk you through P2S configuration, and links to configure the VPN client devices:
@@ -165,11 +162,9 @@ A P2S configuration requires quite a few specific steps. The following articles
 
 * [Configure OpenVPN](vpn-gateway-howto-openvpn.md)
 
-## How do I remove the configuration of a P2S connection?
-
-A P2S configuration can be removed using az cli and the following command : 
+### To remove the configuration of a P2S connection
 
-`az network vnet-gateway update --name <gateway-name> --resource-group <resource-group name> --remove "vpnClientConfiguration"`
+For steps, see the [FAQ](#removeconfig), below.
 
 ## <a name="faqcert"></a>FAQ for native Azure certificate authentication
 

includes/vpn-gateway-faq-p2s-all-include.md

@@ -5,7 +5,7 @@
  author: cherylmc
  ms.service: vpn-gateway
  ms.topic: include
- ms.date: 12/17/2019
+ ms.date: 02/19/2020
  ms.author: cherylmc
  ms.custom: include file
 ---
@@ -92,3 +92,21 @@ Azure supports Windows, Mac and Linux for P2S VPN.
 ### I already have an Azure VPN Gateway deployed. Can I enable RADIUS and/or IKEv2 VPN on it?
 
 Yes, you can enable these new features on already deployed gateways using Powershell or the Azure portal, provided that the gateway SKU that you are using supports RADIUS and/or IKEv2. For example, the VPN gateway Basic SKU does not support RADIUS or IKEv2.
+
+### <a name="removeconfig"></a>How do I remove the configuration of a P2S connection?
+
+A P2S configuration can be removed using Azure CLI and PowerShell using the following commands:
+
+#### Azure PowerShell
+
+```azurepowershell-interactive
+$gw=Get-AzVirtualNetworkGateway -name <gateway-name>`  
+$gw.VPNClientConfiguration = $null`  
+Set-AzVirtualNetworkGateway -VirtualNetworkGateway $gw`
+```
+
+#### Azure CLI
+
+```azurecli-interactive
+az network vnet-gateway update --name <gateway-name> --resource-group <resource-group name> --remove "vpnClientConfiguration"
+```