Merge pull request #286312 from cherylmc/azurevpnconfig

VPN Gateway AzureVPN folder

Author: prmerger-automator[bot]

articles/vpn-gateway/azure-vpn-client-optional-configurations.md

@@ -5,7 +5,7 @@ description: Learn how to configure optional configuration settings for the Azur
 author: cherylmc
 ms.service: azure-vpn-gateway
 ms.topic: how-to
-ms.date: 05/15/2024
+ms.date: 09/06/2024
 ms.author: cherylmc
 
 ---
@@ -26,15 +26,21 @@ The steps in this article assume that you have configured your P2S gateway and h
 
 ## Working with VPN client profile configuration files
 
-The steps in this article require you to modify and import the Azure VPN Client profile configuration file. To work with VPN client profile configuration files (xml files), use the following steps:
+The steps in this article require you to modify and import the Azure VPN Client profile configuration file. The following profile configuration files are generated, depending on the authentication types configured for your P2S VPN gateway.
+
+* **azurevpnconfig.xml**: This file is generated when only one authentication type is selected.
+* **azurevpnconfig_aad.xml**: This file is generated for Microsoft Entra ID authentication when there are multiple authentication types selected.
+* **azurevpnconfig_cert.xml**: This file is generated for Certificate authentication when there are multiple authentication types selected.
+
+To work with VPN client profile configuration files (xml files), use the following steps:
 
 1. Locate the profile configuration file and open it using the editor of your choice.
 1. Using the examples in the following sections, modify the file as necessary, then save your changes.
 1. Import the file to configure the Azure VPN client. You can import the file for the Azure VPN Client using these methods:
 
-   * **Azure VPN Client interface**: Open the Azure VPN Client and click **+** and then **Import**. Locate the modified xml file, configure any additional settings in the Azure VPN Client interface (if necessary), then click **Save**.
+   * **Azure VPN Client interface**: Open the Azure VPN Client and click **+** and then **Import**. Locate the modified .xml file, configure any additional settings in the Azure VPN Client interface (if necessary), then click **Save**.
 
-   * **Command-line prompt**: Place the downloaded *azurevpnconfig.xml* file in the *%userprofile%\AppData\Local\Packages\Microsoft.AzureVpn_8wekyb3d8bbwe\LocalState* folder, then run the following command: `azurevpn -i azurevpnconfig.xml`. To force the import, use the **-f** switch.
+   * **Command-line prompt**: Place the appropriate downloaded configuration xml file in the *%userprofile%\AppData\Local\Packages\Microsoft.AzureVpn_8wekyb3d8bbwe\LocalState* folder, then run the command that corresponds to the configuration file name. For example, `azurevpn -i azurevpnconfig_aad.xml`. To force the import, use the **-f** switch.
 
 ## DNS
 

articles/vpn-gateway/point-to-site-certificate-client-linux-azure-vpn-client.md

@@ -6,7 +6,7 @@ author: cherylmc
 ms.service: azure-vpn-gateway
 ms.custom: linux-related-content
 ms.topic: how-to
-ms.date: 06/05/2024
+ms.date: 09/06/2024
 ms.author: cherylmc
 ---
 
@@ -42,7 +42,7 @@ The basic workflow is as follows:
 
 1. Generate and install client certificates.
 1. Locate the VPN client profile configuration package that you generated in the [Configure server settings for P2S VPN Gateway connections - certificate authentication](vpn-gateway-howto-point-to-site-resource-manager-portal.md#profile-files) article.
-1. Download and configure Azure VPN Client for Linux.
+1. Download and configure the Azure VPN Client for Linux.
 1. Connect to Azure.
 
 ## Generate certificates
@@ -67,15 +67,11 @@ openssl x509 -req -days 365 -in "${USERNAME}Req.pem" -CA caCert.pem -CAkey caKey
 
 ## View VPN client profile configuration files
 
-When you generate a VPN client profile configuration package, all the necessary configuration settings for VPN clients are contained in a VPN client profile configuration zip file. The VPN client profile configuration files are specific to the P2S VPN gateway configuration for the virtual network. If there are any changes to the P2S VPN configuration after you generate the files, such as changes to the VPN protocol type or authentication type, you need to generate new VPN client profile configuration files and apply the new configuration to all of the VPN clients that you want to connect.
+When you generate and download a VPN client profile configuration package, all the necessary configuration settings for VPN clients are contained in a VPN client profile configuration zip file. The VPN client profile configuration files are specific to the P2S VPN gateway configuration for the virtual network. If there are any changes to the P2S VPN configuration after you generate the files, such as changes to the VPN protocol type or authentication type, you need to generate new VPN client profile configuration files and apply the new configuration to all of the VPN clients that you want to connect.
 
-Locate and unzip the VPN client profile configuration package you generated (listed in the [Prequisites](#prerequisites)). For P2S **Certificate authentication** and with an **OpenVPN** tunnel type, you'll see the **AzureVPN** folder. In the AzureVPN folder, locate the **azurevpnconfig.xml** file. This file contains the settings you use to configure the VPN client profile.
+Locate and unzip the VPN client profile configuration package you generated and downloaded (listed in the [Prequisites](#prerequisites)). Open the **AzureVPN** folder. In this folder, you'll see either the **azurevpnconfig_cert.xml** file or the **azurevpnconfig.xml** file, depending on whether your P2S configuration includes multiple authentication types. The .xml file contains the settings you use to configure the VPN client profile.
 
-If you don't see the **azurevpnconfig.xml** file, verify the following items:
-
-* Verify that your VPN gateway is configured to use the OpenVPN tunnel type.
-* Verify your P2S configuration is set for certificate authentication.
-* If you're using Microsoft Entra ID authentication, you might not have an AzureVPN folder. See the [Microsoft Entra ID](point-to-site-entra-gateway.md) configuration article instead.
+If you don't see either file, or you don't have an **AzureVPN** folder, verify that your VPN gateway is configured to use the OpenVPN tunnel type and that certificate authentication is selected.
 
 ## Download the Azure VPN Client
 
@@ -109,7 +105,7 @@ For more information about the repository, see [Linux Software Repository for Mi
 1. On the bottom left of the page of the Linux VPN client, select **Import**.
 
    :::image type="content" source="./media/azure-vpn-client-certificate-linux/import.png" alt-text="Screenshot of Azure VPN Client for Linux with Import." lightbox="./media/azure-vpn-client-certificate-linux/import.png":::
-1. In the window, navigate to the **azurevpnconfig.xml** file, select it, then select **Open**.
+1. In the window, navigate to either the **azurevpnconfig.xml** or **azurevpnconfig_cert.xml** file, select it, then select **Open**.
 1. To add **Client Certificate Public Data**, use the file picker and locate the related **.pem** files.
 
    :::image type="content" source="./media/azure-vpn-client-certificate-linux/client-certificate-data.png" alt-text="Screenshot of Azure VPN Client for Linux with client certificate data selected." lightbox="./media/azure-vpn-client-certificate-linux/client-certificate-data.png":::

articles/vpn-gateway/point-to-site-entra-vpn-client-linux.md

@@ -6,7 +6,7 @@ author: cherylmc
 ms.service: azure-vpn-gateway
 ms.custom: linux-related-content
 ms.topic: how-to
-ms.date: 06/05/2024
+ms.date: 09/09/2024
 ms.author: cherylmc
 ---
 
@@ -71,7 +71,7 @@ In this section, you configure the Azure VPN client for Linux.
 
 * If your P2S gateway configuration was previously configured to use the older, manually registered App ID versions, your P2S configuration doesn't support the Linux VPN client. See [About the Microsoft-registered App ID for Azure VPN Client](point-to-site-entra-gateway.md).
 
-* For Microsoft Entra ID authentication, use the **azurevpnconfig_aad.xml** file. The file is located in the **AzureVPN** folder of the VPN client profile configuration package.
+* For Microsoft Entra ID authentication, use the **azurevpnconfig_aad.xml** or **azurevpnconfig.xml** file that's located in the **AzureVPN** folder of the VPN client profile configuration package. The file name depends on whether your P2S configuration includes multiple authentication types.
 
 1. On the Azure VPN Client page, select **Import**.
 

articles/vpn-gateway/point-to-site-entra-vpn-client-mac.md

@@ -36,11 +36,11 @@ This article continues on from the [Configure a P2S VPN gateway for Microsoft En
 
 ## <a name="generate"></a>Extract client profile configuration files
 
-To configure your Azure VPN Client profile, you download a VPN client profile configuration package from the Azure P2S gateway. This package contains the necessary settings to configure the VPN client.
-
 If you used the P2S server configuration steps as mentioned in the [Prerequisites](#prerequisites) section, you've already generated and downloaded the VPN client profile configuration package that contains the VPN profile configuration files. If you need to generate configuration files, see [Download the VPN client profile configuration package](point-to-site-entra-gateway.md#download).
 
-After you obtain the VPN client profile configuration package, extract the files.
+When you generate and download a VPN client profile configuration package, all the necessary configuration settings for VPN clients are contained in a VPN client profile configuration zip file. The VPN client profile configuration files are specific to the P2S VPN gateway configuration for the virtual network. If there are any changes to the P2S VPN configuration after you generate the files, such as changes to the VPN protocol type or authentication type, you need to generate new VPN client profile configuration files and apply the new configuration to all of the VPN clients that you want to connect.
+
+Locate and unzip the VPN client profile configuration package you generated and downloaded (listed in the [Prequisites](#prerequisites)). Open the **AzureVPN** folder. In this folder, you'll see either the **azurevpnconfig_aad.xml** file or the **azurevpnconfig.xml** file, depending on whether your P2S configuration includes multiple authentication types. The .xml file contains the settings you use to configure the VPN client profile.
 
 ## Import VPN client profile configuration files
 

articles/vpn-gateway/point-to-site-entra-vpn-client-windows.md

@@ -5,7 +5,7 @@ titleSuffix: Azure VPN Gateway
 author: cherylmc
 ms.service: azure-vpn-gateway
 ms.topic: how-to
-ms.date: 06/05/2024
+ms.date: 09/06/2024
 ms.author: cherylmc
 
 ---
@@ -33,27 +33,20 @@ This article continues on from the [Configure a P2S VPN gateway for Microsoft En
 
 ## <a name="generate"></a>Extract client profile configuration files
 
-To configure your Azure VPN Client profile, you must first download the VPN client profile configuration package from the Azure P2S gateway. This package is specific to the configured VPN gateway and contains the necessary settings to configure the VPN client.
+To configure your Azure VPN Client profile, you must first download the VPN client profile configuration package from the Azure P2S gateway. This package is specific to the configured VPN gateway and contains the necessary settings to configure the VPN client. If you used the P2S server configuration steps as mentioned in the [Prerequisites](#prerequisites) section, you've already generated and downloaded the VPN client profile configuration package that contains the VPN profile configuration files. If you need to generate configuration files, see [Download the VPN client profile configuration package](point-to-site-entra-gateway.md#download).
 
-If you used the P2S server configuration steps as mentioned in the [Prerequisites](#prerequisites) section, you've already generated and downloaded the VPN client profile configuration package that contains the VPN profile configuration files. If you need to generate configuration files, see [Download the VPN client profile configuration package](point-to-site-entra-gateway.md#download).
-
-After you obtain the VPN client profile configuration package, extract the zip file. The file contains the following folders:
-
-* **AzureVPN**: The AzureVPN folder contains the **Azurevpnconfig.xml** file that is used to configure the Azure VPN Client.
-* **Generic**: The generic folder contains the public server certificate and the VpnSettings.xml file. The VpnSettings.xml file contains information needed to configure a generic client.
+After you obtain the VPN client profile configuration package, extract the zip file. The zip file contains the **AzureVPN** folder. The **AzureVPN** folder contains the **azurevpnconfig_aad.xml** file or the **azurevpnconfig.xml** file, depending on whether your P2S configuration includes multiple authentication types. If you don't see **azurevpnconfig_aad.xml** or **azurevpnconfig.xml**, or you don't have an **AzureVPN** folder, verify that your VPN gateway is configured to use the OpenVPN tunnel type and that Azure Active Directory (Microsoft Entra ID) authentication is selected.
 
 ## <a name="import"></a>Import client profile configuration settings
 
 > [!NOTE]
 > [!INCLUDE [Entra VPN client note](../../includes/vpn-gateway-entra-vpn-client-note.md)]
 
-When your P2S configuration specifies Microsoft Entra ID authentication, the VPN client profile configuration settings are contained in the **azurevpnconfig.xml** file. This file is located in the **AzureVPN** folder of the VPN client profile configuration package.
-
 1. On the page, select **Import**.
 
    :::image type="content" source="./media/point-to-site-entra-vpn-client-windows/import.png" alt-text="Screenshot that shows the Add button selected and the Import action highlighted in the lower left-side of the window." lightbox="./media/point-to-site-entra-vpn-client-windows/import.png":::
 
-1. Browse to the Azure VPN Client profile configuration folder that you extracted. In the AzureVPN folder, select **azurevpnconfig.xml**. With the file selected, select **Open**.
+1. Browse to the Azure VPN Client profile configuration folder that you extracted. Open the **AzureVPN** folder and select the client profile configuration file (azurevpnconfig_aad.xml or azurevpnconfig.xml). Select **Open** to import the file.
 
 1. Change the name of the Connection name (optional). In this example, you'll notice that the Audience value shown is the new Azure Public value associated to the Microsoft-registered Azure VPN Client App ID. The value in this field must match the value that your P2S VPN gateway is configured to use.
 

articles/vpn-gateway/point-to-site-vpn-client-certificate-windows-azure-vpn-client.md

@@ -32,7 +32,7 @@ This article assumes that you've already performed the following prerequisites:
 To connect to Azure, each connecting client computer requires the following items:
 
 * The Azure VPN Client software must be installed on each client computer.
-* The Azure VPN Client profile must be configured using the downloaded **azurevpnconfig.xml** configuration file.
+* The Azure VPN Client profile is configured using the settings contained in the downloaded **azurevpnconfig.xml** or **azurevpnconfig_cert.xml** configuration file.
 * The client computer must have a client certificate that's installed locally.
 
 ## Generate and install client certificates
@@ -53,12 +53,9 @@ Each computer needs a client certificate in order to authenticate. If the client
 
 The VPN client profile configuration package contains specific folders. The files within the folders contain the settings needed to configure the VPN client profile on the client computer. The files and the settings they contain are specific to the VPN gateway and the type of authentication and tunnel your VPN gateway is configured to use.
 
-Locate and unzip the VPN client profile configuration package you generated. For Certificate authentication and OpenVPN, you'll see the **AzureVPN** folder. Locate the **azurevpnconfig.xml** file. This file contains the settings you use to configure the VPN client profile.
+Locate and unzip the VPN client profile configuration package you generated. For Certificate authentication and OpenVPN, you'll see the **AzureVPN** folder. In this folder, you'll see either the **azurevpnconfig_cert.xml** file or the **azurevpnconfig.xml** file, depending on whether your P2S configuration includes multiple authentication types. The .xml file contains the settings you use to configure the VPN client profile.
 
-If you don't see the file, verify the following items:
-
-* Verify that your VPN gateway is configured to use the OpenVPN tunnel type.
-* If you're using Microsoft Entra authentication, you might not have an AzureVPN folder. See the [Microsoft Entra ID](point-to-site-entra-vpn-client-windows.md) configuration article instead.
+If you don't see either file, or you don't have an **AzureVPN** folder, verify that your VPN gateway is configured to use the OpenVPN tunnel type and that certificate authentication is selected.
 
 ## Download the Azure VPN Client
 
@@ -70,7 +67,7 @@ If you don't see the file, verify the following items:
 
 1. Select **+** on the bottom left of the page, then select **Import**.
 
-1. In the window, navigate to the **azurevpnconfig.xml** file. Select the file, then select **Open**.
+1. In the window, navigate to the **azurevpnconfig.xml** or **azurevpnconfig_cert.xml** file. Select the file, then select **Open**.
 
 1. On the client profile page, notice that many of the settings are already specified. The preconfigured settings are contained in the VPN client profile package that you imported. Even though most of the settings are already specified, you need to configure settings specific to the client computer.
 

articles/vpn-gateway/vpn-gateway-howto-point-to-site-resource-manager-portal.md

@@ -6,7 +6,7 @@ author: cherylmc
 ms.service: azure-vpn-gateway
 ms.custom: devx-track-azurepowershell
 ms.topic: how-to
-ms.date: 08/23/2024
+ms.date: 09/06/2024
 ms.author: cherylmc
 ---
 # Configure server settings for P2S VPN Gateway certificate authentication