| title | Configure Azure VPN Client - Microsoft Entra ID authentication - Linux | ||
|---|---|---|---|
| description | Learn how to configure the Linux Azure VPN Client for Microsoft Entra ID authentication for gateways configured to use the Microsoft-registered Azure VPN Client App ID. | ||
| titleSuffix | Azure VPN Gateway | ||
| author | cherylmc | ||
| ms.service | azure-vpn-gateway | ||
| ms.topic | how-to | ||
| ms.date | 02/10/2025 | ||
| ms.author | cherylmc | ||
| ms.custom |
|
This article helps you configure the Azure VPN Client on a Linux computer (Ubuntu) to connect to a virtual network using a VPN Gateway point-to-site (P2S) VPN and Microsoft Entra ID authentication. For more information about point-to-site connections, see About Point-to-Site connections.
The steps in this article apply to Microsoft Entra ID authentication using the Microsoft-registered Azure VPN Client app with associated App ID and Audience values. This article doesn't apply to the older, manually registered Azure VPN Client app for your tenant. For more information, see About point-to-site VPN - Microsoft Entra ID authentication.
[!INCLUDE Supported versions]
Complete the steps for the point-to-site server configuration. See Configure a P2S VPN gateway for Microsoft Entra ID authentication.
After your Azure VPN Gateway P2S server configuration is complete, your next steps are as follows:
- Download and install the Azure VPN Client for Linux.
- Import the client profile settings to the VPN client.
- Create a connection.
[!INCLUDE Download the Azure VPN Client for Linux]
To configure your Azure VPN Client profile, you download a VPN Client profile configuration package from the Azure P2S gateway. This package contains the necessary settings to configure the VPN client.
If you used the P2S server configuration steps as mentioned in the Prerequisites section, you've already generated and downloaded the VPN client profile configuration package that contains the VPN profile configuration files you'll need. If you need to generate configuration files, see Download the VPN client profile configuration package.
If your P2S gateway configuration was previously configured to use the older, manually registered App ID versions, your P2S configuration doesn't support the Linux VPN client. See About the Microsoft-registered App ID for Azure VPN Client.
Locate and extract the zip file that contains the VPN client profile configuration package. The zip file contains the AzureVPN folder. In the AzureVPN folder, you'll see either the azurevpnconfig_aad.xml file, or the azurevpnconfig.xml file, depending on whether your P2S configuration includes multiple authentication types. The .xml file contains the settings you use to configure the VPN client profile.
[!INCLUDE custom audience steps]
[!INCLUDE Import Azure VPN Client settings for Linux]
- For more information about VPN Gateway, see the VPN Gateway FAQ.
- For more information about point-to-site connections, see About Point-to-Site connections.