Azure VNet Point to Site VPN and OpenVPN with Azure AD on MAC - azure

I have set up an Azure VNet and a Point-to-Site VPN using the OpenVPN tunnel to keep using the Azure AD username and password for login.
I have sample .ovpn config files, but they all require certificates beyond what is provided by Azure.
Azure provides me with the following three files:
AzureVPN\azurevpnconfig.xml
Generic\VpnServerRoot.cer
Generic\VpnSettings.xml
How should I go about using these files to configure a .ovpn document that allows me to connect to this VPN using my MacBook?
My understanding is that the certs aren't needed since we're using a username and password to log in? The downloaded VpnServerRoot.cer doesn't import into the OS Keychain...
Thanks for any pointers!

Unfortunately, currently, a macOS client is not available for connecting to an Azure point-to-site VPN with Azure AD authentication. The table below shows the client operating systems and the authentication options that are available to them. Refer to https://learn.microsoft.com/en-us/azure/vpn-gateway/work-remotely-support
When using the OpenVPN tunnel, you can select RADIUS and Azure certificate authentication for your macOS clients. For Mac clients, read Configure OpenVPN clients for Azure VPN Gateway:
"Only iOS 11.0 and above and macOS 10.13 and above are supported with the OpenVPN protocol."
and Create and install VPN client configuration files for native Azure certificate authentication P2S configurations.

Related

Azure P2S VPN with Azure AD Authentication Client for Server 2019

Was anyone successful in configuring a VPN client on Server 2019 build 1809 for Azure VPN Gateway using OpenVPN and Azure Active Directory authentication?
Windows Admin Center allows adding an Azure Network Adapter, but there is only an option for certificate authentication when I select my existing VNet.
Also, the Azure VPN Client is not available since there is no MS Store in Server 2019.
Any suggestion?
Unfortunately, currently, Windows Server 2019 is not available for Azure AD authentication, and Azure AD authentication is supported only for OpenVPN protocol connections. Read Configure a VPN client for P2S OpenVPN protocol connections: Azure AD authentication and this step-by-step guide.
The table below shows the client operating systems and the authentication options that are available to them. Refer to https://learn.microsoft.com/en-us/azure/vpn-gateway/work-remotely-support

Azure VPN Configuration - Connect to existing VPN

I'm trying to connect my Azure Web App to an existing VPN.
To connect to this VPN I must give the admin some configuration, but I'm not sure how I can provide it from Windows Azure.
As far as I have understood, it's all about creating the Virtual Network and then "connecting it".
Like:
Create Virtual Network
Create Public Gateway
Create Local Gateway
Connect something somehow
https://learn.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-site-to-site-resource-manager-portal
In my specific case, the configuration requires a lot of parameters that I don't know how / where to find:
VPN Endpoint IP
IKE (Encryption type, Authentication Method, Diffie-Hellman Group, Sec Lifetime, Preshared secret)
IPSEC (Perfect Forward Secrecy)
Network profile
In the docs there is a link to Check Point NGX and MikroTik, so I checked out this tutorial:
https://blogs.technet.microsoft.com/netgeeks/2017/07/11/creating-a-site-to-site-vpn-ipsec-ikev2-with-azure-and-mikrotik-routeros/
But how can I get these parameters to perform the connection? Do I need to install extra software on my Web App? How can I include my web app in the VPN?
And, is there any simpler way for a Web App that does not include creating the whole infrastructure?
Thanks in advance
As EvilSnobu said, you can use Hybrid Connections to connect your Azure App Service and your on-premises network.
Hybrid Connections can be used to access application resources in other networks.
"My understanding is that you have an Azure Web App and you need to connect to an on-premises network via VPN?"
You are right, the Hybrid Connections feature requires a relay agent in the network that hosts your Hybrid Connection endpoint.
You should download and install the Hybrid Connection Manager (HCM) on your local machine and use it to connect to that app service.
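If you do go the site-to-site route instead, the parameters the partner's admin asks for (endpoint IP, IKE/IPsec algorithms, DH and PFS groups, SA lifetime, pre-shared key) are all things you set or read on the Azure side. The following is an added example using the Az PowerShell module, not code from this thread; it assumes an existing route-based VNet gateway and that Connect-AzAccount has already been run, and every resource name, address range and the partner's public IP is a placeholder.

```powershell
# Added example (not from the thread). Assumes the Az PowerShell module,
# an existing route-based VNet gateway, and Connect-AzAccount already done.
# Resource names, address ranges and the partner's public IP are placeholders.
$rg          = "rg-vpn-example"
$loc         = "westeurope"
$gwName      = "vnetgw-example"        # existing route-based gateway (VpnGw1 or higher)
$vnetPrefix  = "10.0.0.0/16"           # placeholder: this VNet's address space
$partnerIp   = "203.0.113.10"          # placeholder: partner's VPN device public IP
$partnerNets = @("10.100.0.0/16")      # placeholder: partner's on-premises address space

# 1. The "VPN Endpoint IP" the partner needs is the gateway's public IP.
$gw      = Get-AzVirtualNetworkGateway -Name $gwName -ResourceGroupName $rg
$pipName = ($gw.IpConfigurations[0].PublicIpAddress.Id -split '/')[-1]
$azureEndpointIp = (Get-AzPublicIpAddress -Name $pipName -ResourceGroupName $rg).IpAddress

# 2. Pin the IKE/IPsec parameters explicitly instead of relying on defaults,
#    so both sides are configured from the same sheet.
$policy = New-AzIpsecPolicy `
    -IkeEncryption AES256 -IkeIntegrity SHA256 -DhGroup DHGroup14 `
    -IpsecEncryption AES256 -IpsecIntegrity SHA256 -PfsGroup PFS2048 `
    -SALifeTimeSeconds 27000 -SADataSizeKilobytes 102400000

# 3. Generate the pre-shared key from a CSPRNG; hand it over out of band.
$bytes = New-Object byte[] 32
[System.Security.Cryptography.RandomNumberGenerator]::Create().GetBytes($bytes)
$psk = [Convert]::ToBase64String($bytes)

# 4. The local network gateway describes the partner side as Azure sees it.
$lng = New-AzLocalNetworkGateway -Name "lng-partner" -ResourceGroupName $rg `
    -Location $loc -GatewayIpAddress $partnerIp -AddressPrefix $partnerNets

# 5. The connection carries the PSK and the custom policy.
$conn = New-AzVirtualNetworkGatewayConnection -Name "cn-partner" -ResourceGroupName $rg `
    -Location $loc -VirtualNetworkGateway1 $gw -LocalNetworkGateway2 $lng `
    -ConnectionType IPsec -SharedKey $psk -IpsecPolicies $policy

# 6. Parameter sheet for the partner's admin (the PSK is deliberately not printed).
[pscustomobject]@{
    VpnEndpointIp     = $azureEndpointIp
    AzureAddressSpace = $vnetPrefix
    IkeVersion        = "IKEv2"
    IkeEncryption     = $policy.IkeEncryption
    IkeIntegrity      = $policy.IkeIntegrity
    DhGroup           = $policy.DhGroup
    IpsecEncryption   = $policy.IpsecEncryption
    IpsecIntegrity    = $policy.IpsecIntegrity
    PfsGroup          = $policy.PfsGroup
    SaLifetimeSeconds = $policy.SALifeTimeSeconds
    AuthMethod        = "Pre-shared key (shared separately)"
} | Format-List
```

The Web App itself still needs to be placed into that VNet (the thread's Hybrid Connections answer avoids this entirely); the script only produces the parameter sheet the remote admin asked for.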

Azure P2S connection with VM

I set up an Azure VPN as per this document:
https://learn.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-point-to-site-classic-azure-portal
I have also created an Azure Windows VM.
My question is how I can connect to my Azure VM through this Azure Point-to-Site VPN connection. I added a password on the security page while exporting the client certificate in the VPN setup, but the Azure VPN is not asking for the password before it gets connected. My Azure VM is just connecting via normal RDP. How can I add extra security to the VPN by using a password before I log in to my Azure VM?
Thanks
"I added a password on the security page while exporting the client certificate in the VPN setup"
That password is used for the certificate: when you want to install this certificate, you need this password.
"How can I add extra security to the VPN by using a password before I log in to my Azure VM?"
Because you have installed the certificate on your PC, when you connect to your VPN, Azure will not ask for a password.
The certificate replaces the password. For now, Azure P2S VPN does not support password authentication.

How to use RSA token or MFA for Azure VPN connection

I have a VNet on Azure serving some production servers. I want to use some MFA, like an RSA token, while client users are connecting to the Azure VMs.
Could you please suggest some references?
Azure VPN Gateway currently does not support MFA; it's only cert-based authentication for the VPN client-server functionality. (It's called Azure P2S VPN.)
Your best bet is to deploy a VPN server appliance (virtual form factor) that supports the MFA of your choice in your Azure VNet to serve as the VPN server.
Thanks,
Yushun [MSFT]

VPN connection from enterprise to windows azure

My application is hosted in Windows Azure.
I have partnered with an enterprise to offer a service to their customers.
However, they require a VPN connection between us (in the cloud) and their enterprise application.
What is the best way to do this?
Installing software on their machines is not an option.
Windows Azure now has a Virtual Network, announced as part of the Spring 2012 release. It lets you connect your on-premises network to Windows Azure via IPsec, and takes advantage of your on-prem hardware VPN device.
Summary information here, and tutorials here.
As Azure roles accept only HTTP/HTTPS and TCP connections, "classic" IPsec or PPTP is not an option.
As Azure roles are Windows Server 2008/R2, you can configure an SSTP connection to Azure with a startup script or a custom VM Role.
Azure roles have random internal IPs, so you'll have to deal with IP resolution too.
Windows Azure Connect allows you to set up an IPsec tunnel between your Azure application and a local network. See:
https://azure.microsoft.com/en-us/services/virtual-machines/
and
http://azure.microsoft.com/documentation/articles/vpn-gateway-point-to-site-create/