Sv translation | ||
---|---|---|
| ||
OverviewA Point-to-Site (P2S) VPN gateway connection lets you create a secure connection to your virtual network from an individual client computer. It offers a secure, client-initiated way for customers to access their Prinergy system running on |
Overview
...
an Azure VM. |
Instructions are provided for both Windows and Mac clients.
PrerequisitesPoint-to-site gateway configured with:
|
Installation & Configuration
- Create root certificate and client certificates:
- Mac:
- Install openssl if it is not already installed.
Execute commands to create root certificate:
Code Block # Generate root private key openssl genrsa -aes256 -out RootAzureVPN.key 2048 # Generate a root certificate valid for 10 years openssl req -x509 -sha256 -new -key RootAzureVPN.key -out RootAzureVPN.cer -days 3650 -subj /CN=RootAzureVPN
- Mac:
Execute commands to create client certificate:
Code Block # Generate a certificate request openssl genrsa -out clientCert.key 2048 openssl req -new -out clientCert.req -key clientCert.key -subj /CN=ClientAzureVPN # Generate a certificate from the certificate request and sign it as the CA that you are. openssl x509 -req -sha256 -in clientCert.req -out clientCert.cer -CAkey RootAzureVPN.key -CA RootAzureVPN.cer -days 1800 -CAcreateserial -CAserial serial # Pack key and certificate in a .pfx (pkcs12 format) openssl pkcs12 -export -out clientCert.pfx -inkey clientCert.key -in clientCert.cer -certfile RootAzureVPN.cer
- Windows 10 and Windows Server 2016:
- https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-certificates-point-to-site
- Note: 2016 theoretically should work but certificate could not be installed in Azure when tested previously
- The following commands are executed in Powershell in ‘Run as administrator’ mode
- Replace P2SRootCert and P2SChildCert with something appropriate for the site such as <SiteName>RootCert and <SiteName>ClientCert where <SiteName> is replaced with the actual site name.
Create a self-signed root certificate:
Code Block $cert = New-SelfSignedCertificate -Type Custom -KeySpec Signature ` -Subject "CN=P2SRootCert" -KeyExportPolicy Exportable ` -HashAlgorithm sha256 -KeyLength 2048 -CertStoreLocation "Cert:\CurrentUser\My" ` -KeyUsageProperty Sign -KeyUsage CertSign
IMPORTANT: `in each command line tells Powershell the command continues into next the line
Create a client certificate:
Code Block New-SelfSignedCertificate -Type Custom -DnsName P2SChildCert -KeySpec Signature ` -Subject "CN=P2SChildCert" -KeyExportPolicy Exportable ` -HashAlgorithm sha256 -KeyLength 2048 ` -CertStoreLocation "Cert:\CurrentUser\My" ` -Signer $cert -TextExtension @("2.5.29.37={text}1.3.6.1.5.5.7.3.2")
Check that at least the two generated/registered certificates are listed:
Code Block PS C:\> Get-ChildItem -Path "Cert:\CurrentUser\My" Thumbprint Subject ---------- ------- F3C3B23CDCBFC90AA606446966E2FAAD49B70AC5 CN=P2SRootCert 44E1451EE36DBCD82A1B752ECC854CBE0271C520 CN=P2SChildCert
- Export the root certificate from Certificate Manager (certmgr.msc). Options:
- No Private key
- Base 64 certificate (.cer) file
- Export the client certificate. Options:
- Include private key
- Personal Information Exchange - PKCS #12 (.PFX) format
- Select a secure password and write it down. It will be needed to install the client certificate in the client later.
- https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-certificates-point-to-site
- Install root certificate in Azure:
- Connect to the Azure Portal from the client where the certificates were generated from.
- Open the root certificate .cerfile in a TextEdit (Mac) or Notepad (Windows) and copy the parts between the -----BEGIN CERTIFICATE-----and -----END CERTIFICATE-----lines from the generated certificate.
IMPORTANT: Be sure the editor you use does not alter the formatting of the content. - Navigate to VNET Gateway’s Point-to-site configuration in the Portal and add it to the root certificate list.
- Save the change.
- Install client certificate on the client – Windows & Mac: https://docs.microsoft.com/en-us/azure/vpn-gateway/point-to-site-how-to-vpn-client-install-azure-cert
- Download VPN config from Azure Portal to client.
- Login to Azure Portal from the client
- Navigate to the VNET Gateway’s Point-to-site configuration
- Click the ‘Download VPN client’ button:
- Install VPN config on client:
- Mac:
- Windows:
- Optional: Add a host file entry with the primary servers private IP if you want to reference it by name from the client
- Mac:
- Launch the Terminal application found in Applications/Utilities
- Type: sudo nano /etc/hosts<Enter>
- Enter Administrator password when prompted and hit Enter
- Add an entry for the primary server – eg: 10.1.234.3 PrinergyPrimaryName
- Save the file: Control+O
- Exit nano: Control+X
- Mac:
- Windows:
- Edit C:\Windows\System32\drivers\etc\hosts
- Add an entry for the primary server – eg: 10.1.234.3 PrinergyPrimaryName
- Save the file
Using Kodak Workshop and other workflow software from the client
- Connect the Azure VPN if not already connected
- If Workshop is not already installed map a drive the Workshop installer on the Azure VM and install Workshop and related software
- Start Workshop.
- If it does not automatically find the primary server, enter the name or IP address
RDC to an Azure VM from the client
Please open a support call with Kodak if you need assistance with setting up a point to site connection. Additional information can be found on the Partner Place website (partnerplace.kodak.com). Authenticated customers can log in and find the instructions by searching for answer ID 76120. |
Sv translation | ||
---|---|---|
| ||
ÜberblickMit einer Point-to-Site (P2S) VPN-Gateway-Verbindung können Sie von einem einzelnen Client-Computer aus eine sichere Verbindung zu Ihrem virtuellen Netzwerk herstellen. Sie bietet eine sichere, Client-gesteuerte Möglichkeit für Kunden, auf ihr Prinergy-System zuzugreifen, das auf einer Azure-VM läuft. VoraussetzungenPoint-to-Site-Gateway konfiguriert mit:
Wenn Sie Hilfe bei der Einrichtung einer Point-to-Site-Verbindung benötigen, wenden Sie sich bitte an den Support von Kodak. Weitere Informationen finden Sie auf der Partner Place Website (partnerplace.kodak.com). Authentifizierte Kunden können sich anmelden und die Anweisungen finden, indem sie nach der Antwort-ID 76120 suchen. |
Sv translation | ||
---|---|---|
| ||
Visión generalUna conexión de puerta de enlace VPN punto a sitio (P2S) le permite crear una conexión segura a su red virtual desde un ordenador cliente individual. Ofrece una forma segura, iniciada por el cliente, para que los clientes accedan a su sistema Prinergy que se ejecuta en una VM Azure. Requisitos previosPuerta de enlace punto a punto configurada con:
Por favor, abra una llamada de soporte con Kodak si necesita ayuda para configurar una conexión punto a sitio. Encontrará información adicional en el sitio web Partner Place (partnerplace.kodak.com). Los clientes autenticados pueden iniciar sesión y encontrar las instrucciones buscando la respuesta ID 76120. |
Sv translation | ||
---|---|---|
| ||
Vue d'ensembleUne connexion de passerelle VPN point à site (P2S) vous permet de créer une connexion sécurisée à votre réseau virtuel à partir d'un ordinateur client individuel. Elle offre aux clients un moyen sécurisé d'accéder à leur système Prinergy exécuté sur une VM Azure. Conditions préalablesPasserelle point à site configurée avec :
Veuillez ouvrir un appel de support avec Kodak si vous avez besoin d'aide pour configurer une connexion point à site. Des informations supplémentaires sont disponibles sur le site Web Partner Place (partnerplace.kodak.com). Les clients authentifiés peuvent se connecter et trouver les instructions en recherchant l'ID de réponse 76120. |
Sv translation | ||
---|---|---|
| ||
PanoramicaUna connessione gateway VPN Point-to-Site (P2S) consente di creare una connessione sicura alla rete virtuale da un singolo computer client. Offre un modo sicuro e avviato dal cliente per accedere al proprio sistema Prinergy in esecuzione su una macchina virtuale Azure. PrerequisitiGateway point-to-site configurato con:
Se avete bisogno di assistenza per la configurazione di una connessione point to site, aprite una chiamata di supporto con Kodak. Ulteriori informazioni sono disponibili sul sito Web Partner Place (partnerplace.kodak.com). I clienti autenticati possono accedere e trovare le istruzioni cercando l'ID risposta 76120. |
Sv translation | ||
---|---|---|
| ||
概要Point-to-Site (P2S) VPNゲートウェイ接続を使用すると、個々のクライアントコンピュータから仮想ネットワークへのセキュアな接続を作成できます。これは、顧客がAzure VM上で実行されているPrinergyシステムにアクセスするための、セキュアでクライアント主導の方法を提供します。 前提条件Point-to-Siteゲートウェイが構成されていること:
ポイント・ツー・サイト接続のセットアップにサポートが必要な場合は、コダックにサポートコールを依頼してください。その他の情報は、パートナープレースウェブサイト(partnerplace.kodak.com)でご覧いただけます。認証されたお客様はログインして、回答ID 76120を検索して手順を見つけることができます。 |
Sv translation | ||
---|---|---|
| ||
Visão geralUma conexão de gateway VPN Point-to-Site (P2S) permite criar uma conexão segura com sua rede virtual a partir de um computador cliente individual. Ela oferece uma maneira segura e iniciada pelo cliente para que os clientes acessem o sistema Prinergy em execução em uma VM do Azure. Pré-requisitosGateway ponto a site configurado com:
Abra uma chamada de suporte com a Kodak se precisar de ajuda para configurar uma conexão ponto a site. Informações adicionais podem ser encontradas no site Partner Place (partnerplace.kodak.com). Os clientes autenticados podem fazer login e encontrar as instruções pesquisando a ID de resposta 76120. |
Sv translation | ||
---|---|---|
| ||
概述点到点 (P2S) VPN 网关连接可让您从单个客户端计算机创建到虚拟网络的安全连接。它为客户访问在 Azure 虚拟机上运行的 Prinergy 系统提供了一种安全的、由客户端发起的方式。 前提条件点到点网关配置为
如果您在设置点到点连接时需要帮助,请拨打柯达支持电话。其他信息可在 Partner Place 网站 (partnerplace.kodak.com) 上找到。已通过身份验证的客户可登录并通过搜索答案 ID 76120 找到说明。 |
Sv translation | ||
---|---|---|
|
...