Merge pull request #215153 from cherylmc/VWAN-P2S-AAD

Virtual WAN AAD

Author: Stacyrch140

articles/virtual-wan/media/virtual-wan-point-to-site-azure-ad/basics.png

@@ -7,7 +7,7 @@ author: cherylmc
 
 ms.service: virtual-wan
 ms.topic: how-to
-ms.date: 10/11/2022
+ms.date: 10/19/2022
 ms.author: cherylmc 
 
 ---
@@ -54,17 +54,17 @@ A User VPN configuration defines the parameters for connecting remote clients. I
 
 1. Navigate to your **Virtual WAN ->User VPN configurations** page and click **+Create user VPN config**.
 
-   :::image type="content" source="./media/virtual-wan-point-to-site-azure-ad/user-vpn.png" alt-text="Screenshot of the Create User V P N configuration.":::
+   :::image type="content" source="./media/virtual-wan-point-to-site-azure-ad/user-vpn.png" alt-text="Screenshot of the Create User V P N configuration." lightbox="./media/virtual-wan-point-to-site-azure-ad/user-vpn.png":::
 1. On the **Basics** page, specify the parameters.
 
-   :::image type="content" source="./media/virtual-wan-point-to-site-azure-ad/basics.png" alt-text="Screenshot of the Basics page.":::
+   :::image type="content" source="./media/virtual-wan-point-to-site-azure-ad/basics.png" alt-text="Screenshot of the Basics page." lightbox="./media/virtual-wan-point-to-site-azure-ad/basics.png":::
 
     * **Configuration name** - Enter the name you want to call your User VPN Configuration.
     * **Tunnel type** - Select OpenVPN from the dropdown menu.
 
 1. Click **Azure Active Directory** to open the page.
 
-   :::image type="content" source="./media/virtual-wan-point-to-site-azure-ad/values.png" alt-text="Screenshot of the Azure Active Directory page.":::
+   :::image type="content" source="./media/virtual-wan-point-to-site-azure-ad/values.png" alt-text="Screenshot of the Azure Active Directory page." lightbox="./media/virtual-wan-point-to-site-azure-ad/values.png":::
 
     Toggle **Azure Active Directory** to **Yes** and supply the following values based on your tenant details. You can view the necessary values on the Azure Active Directory page for Enterprise applications in the portal.
    * **Authentication method** - Select Azure Active Directory.
@@ -81,27 +81,26 @@ A User VPN configuration defines the parameters for connecting remote clients. I
 
 ## <a name="site"></a>Create an empty hub
 
-For this exercise, we create an empty virtual hub. In the next section, you add a gateway to an already existing hub. However, it's also possible to combine these steps and create the hub with the P2S gateway settings all at once. After configuring the settings, click **Review + create** to validate, then **Create**.
+For this exercise, we create an empty virtual hub in this step and, in the next section, you add a P2S gateway to this hub. However, you can combine these steps and create the hub with the P2S gateway settings all at once. The result is the same either way. After configuring the settings, click **Review + create** to validate, then **Create**.
 
 [!INCLUDE [Create an empty hub](../../includes/virtual-wan-hub-basics.md)]
 
 ## <a name="hub"></a>Add a P2S gateway to a hub
 
-This section shows you how to add a gateway to an already existing virtual hub. This step can take up to 30 minutes for the hub to complete updating.
+This section shows you how to add a gateway to an already existing virtual hub. This step can take up to 30 minutes for the hub to complete updating. 
 
 1. Navigate to the **Hubs** page under the virtual WAN.
-1. Select the hub to which you want to associate the VPN server configuration and click the ellipsis (**...**) to show the menu. Then, click **Edit virtual hub**.
-
-   :::image type="content" source="media/virtual-wan-point-to-site-azure-ad/select-hub.png" alt-text="Screenshot shows Edit virtual hub selected from the menu." lightbox="media/virtual-wan-point-to-site-azure-ad/select-hub.png":::
-
+1. Click the name of the hub that you want to edit to open the page for the hub.
+1. Click **Edit virtual hub** at the top of the page to open the **Edit virtual hub** page.
 1. On the **Edit virtual hub** page, check the checkboxes for **Include vpn gateway for vpn sites** and **Include point-to-site gateway** to reveal the settings. Then configure the values.
 
-   :::image type="content" source="./media/virtual-wan-point-to-site-azure-ad/edit-virtual-hub.png" alt-text="Screenshot shows the Edit virtual hub page.":::
+   :::image type="content" source="./media/virtual-wan-point-to-site-azure-ad/hub.png" alt-text="Screenshot shows the Edit virtual hub." lightbox="./media/virtual-wan-point-to-site-azure-ad/hub.png":::
 
    * **Gateway scale units**: Select the Gateway scale units. Scale units represent the aggregate capacity of the User VPN gateway. If you select 40 or more gateway scale units, plan your client address pool accordingly. For information about how this setting impacts the client address pool, see [About client address pools](about-client-address-pools.md). For information about gateway scale units, see the [FAQ](virtual-wan-faq.md#for-user-vpn-point-to-site--how-many-clients-are-supported).
    * **User VPN configuration**: Select the configuration that you created earlier.
-   * **Client address pool**: Specify the client address pool from which the VPN clients will be assigned IP addresses. This setting corresponds to the gateway scale units that you set.
-1. Click **Confirm**. It can take up to 30 minutes to update the hub.
+   * **User Groups to Address Pools Mapping**: For information about this setting, see [Configure user groups and IP address pools for P2S User VPNs (preview)](user-groups-create.md).
+
+1. After configuring the settings, click **Confirm** to update the hub. It can take up to 30 minutes to update a hub.
 
 ## <a name="connect-vnet"></a>Connect VNet to hub
 
@@ -111,7 +110,7 @@ In this section, you create a connection between your virtual hub and your VNet.
 
 ## <a name="download-profile"></a>Download User VPN profile
 
-All of the necessary configuration settings for the VPN clients are contained in a VPN client configuration zip file. The settings in the zip file help you easily configure the VPN clients. The VPN client configuration files that you generate are specific to the User VPN configuration for your gateway. You can download global (WAN-level) profiles, or a profile for a specific hub. For information and additional instructions, see [Download global and hub profiles](global-hub-profile.md). The following steps walk you through downloading a global WAN-level profile. 
+All of the necessary configuration settings for the VPN clients are contained in a VPN client configuration zip file. The settings in the zip file help you easily configure the VPN clients. The VPN client configuration files that you generate are specific to the User VPN configuration for your gateway. You can download global (WAN-level) profiles, or a profile for a specific hub. For information and additional instructions, see [Download global and hub profiles](global-hub-profile.md). The following steps walk you through downloading a global WAN-level profile.
 
 [!INCLUDE [Download profile](../../includes/virtual-wan-p2s-download-profile-include.md)]
 
@@ -191,4 +190,4 @@ When you no longer need the resources that you created, delete them. Some of the
 
 ## Next steps
 
-To learn more about Virtual WAN, see the [Virtual WAN Overview](virtual-wan-about.md) page.
+For Virtual WAN frequently asked questions, see the [Virtual WAN FAQ](virtual-wan-faq.md).

articles/virtual-wan/media/virtual-wan-point-to-site-azure-ad/edit-virtual-hub.png

@@ -1,7 +1,7 @@
 ---
 ms.author: cherylmc
 author: cherylmc
-ms.date: 05/25/2022
+ms.date: 10/19/2022
 ms.service: virtual-wan
 ms.topic: include
 ---
@@ -18,4 +18,5 @@ ms.topic: include
    * **Name**: The name by which you want the virtual hub to be known.
    * **Hub private address space**: The hub's address range in CIDR notation. The minimum address space is /24 to create a hub.
    * **Virtual hub capacity**: Select from the dropdown. For more information, see [Virtual hub settings](../articles/virtual-wan/hub-settings.md).
-   * **Hub routing preference**: This field is only available as part of the virtual hub routing preference preview and can only be viewed in the [preview portal](https://portal.azure.com/?feature.customRouterAsn=true&feature.virtualWanRoutingPreference=true#home). See [Virtual hub routing preference](../articles/virtual-wan/about-virtual-hub-routing-preference.md) for more information.
+   * **Hub routing preference**: This field is only available as part of the virtual hub routing preference preview and can only be viewed in the [preview portal](https://portal.azure.com/?feature.customRouterAsn=true&feature.virtualWanRoutingPreference=true#home). See [Virtual hub routing preference](../articles/virtual-wan/about-virtual-hub-routing-preference.md) for more information.
+   * **Router ASN**: Unless necessary, leave the default.