Certificate-based Point to Site Azure VPN through Intune

P2S VPN through Intune header

As the business world becomes increasingly mobile, cloud services are becoming even more attractive. But what if, as is often the case, there are still dependencies on an enterprise network - on Azure, for example? The solution is obvious: a point-to-site VPN ensures communication for mobile workers. In this how-to post, I discuss how a certificate-based point-to-site VPN to an Azure VPN gateway can be automatically rolled out to mobile clients through Intune. I also discuss how certificates can be automatically issued and renewed by a Certificate Authority in combination with Intune.

Restore Azure App Service MySQL In-App Database

Header-AppSvc-MySQL-Restore

The Azure App Service offers the possibility to have backups created automatically by Azure. This backup also includes the MySQL in-app database, which is often used for a simple WordPress site. But when testing the restore, the surprise that WordPress needs to be reinstalled. This is because the database is not restored during the restore, only the backed up file structure. But more about that later. The following tutorial shows how you can test what problem occurs and how restoring the Azure App Service MySQL in-app database works anyway.

Automatically audit and deploy Azure Resource Locks with Azure Policies

Banner - Auto Azure RG Lock with policies

You can create resources very easily on the Azure platform. This is great, but it also provides a few risks. For example, you can delete resources or entire environments just as easily. What is very helpful for tests and demos can be very dangerous for integration and production environments. So you don't have to manage this manually, I wrote an Azure Policy code. This defines the automatic auditing and provisioning of Azure Resource Locks with Azure Policies.

ARM template deployment – Hub and Spoke with Bastion

ARM Template Hub and Spoke with Bastion

With an Azure Resource Manager (ARM) template, you can create a specific infrastructure on Azure with the click of a button. The template defines the infrastructure as code and Azure is thereby told the target state of the resources. I have created such a template and published it via Github. The ARM template deployment includes a hub and spoke network topology with a central Azure bastion for secure access to VMs. This post shows you step by step how to use the template for yourself.

Azure Bastion Planning and Implementation

Plan and Implement Azure Bastion - Banner

Azure Bastion is an Azure service that allows you to access your Azure VMs securely and centrally via the web portal. This allows you to enable your system administrators and system specialists to "work anywhere" without any security concerns. In this article I will not focus on the service itself, but rather on the steps necessary to plan and implement Azure Bastion.

Azure Subscription Migration of Multi - Resourcegroups

Azure Subscription Migration - Banner

The cloud offers many new possibilities and is available at the push of a button. And this is exactly what holds various dangers. You start your cloud adventure, start the first services and then soon realize that you made a mistake, for example choosing the wrong type of subscription. Usually you have also spread your services over different resource groups. I have therefore often been confronted with the question "How can I migrate the existing Azure Services distributed in multi resource groups to a new Azure Subscription? With this article I try to answer this question as comprehensively as possible.

Backup and restore MFA-configuration

MFA Configuration Backup

Multi-factor authentication is widely used today and should be standard for all companies and individuals. But what if the configured MFA device is lost or broken? Microsoft's Authenticator App offers a practical, simple and secure solution to this problem through cloud backup of the MFA configuration. With it you can easily backup your existing MFA configuration. This article shows how to activate the backup, add another MFA device, load the backup data and remove the lost or broken device. And all of this can be done very easily in a few steps.

Integration of Azure MFA in an RDS environment

Azure MFA mit RDS

This blog post explains how to set up Azure Multi-Factor Authentication for your On-Premises Remote Desktop Service (RDS) environment. The blog post is intended to help you understand and shows the most important steps for preparation as a step-by-step guide. Multi-Factor Authentication The concept of Multi-Factor Authentication (MFA) is already widely used and respected today. Such an authentication consists of several components, not ... Read more

en_GBEnglish