I just set up and established a S2S VPN between our Azure tenant and on-prem firewall, to be able to use LDAP credentials for remote dial-in users. The components and steps you need are the following.
Please tell me if you're interested, and I will explain it in more detail.
1. a S2S connection between the on-prem firewall (we use Fortigate) and an Azure virtual network gateway (VPN)
2. set up an Azure AD DS service (this is the DS as a service)
3. set up VNet peering between the Azure virtual gateway VNet and the AAD DS VNet
4. in the on-prem firewall, set a static route to allow communication to the AAD DS server via the S2S tunnel
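The Azure side of steps 1 and 3, as an added Azure CLI example that is not from the original post. Resource groups, VNet names, address prefixes and the firewall's public IP (`rg-hub`, `vnet-gateway`, `vnet-aadds`, `10.10.0.0/16`, `10.20.0.0/16`, `192.168.0.0/16`, `203.0.113.10`) are constructed placeholders, and the AAD DS managed domain from step 2 is assumed to exist already in `vnet-aadds`; the two gateway flags on the peerings are the part that is easy to miss, because without them on-prem traffic never reaches the AAD DS subnet.

```azurecli
#!/usr/bin/env bash
# Added example (not from the original post): Azure side of the S2S + AAD DS setup.
# Every name, prefix and address below is a constructed placeholder.
set -euo pipefail

LOCATION="westeurope"
RG_HUB="rg-hub"                   # holds the gateway VNet and the VPN gateway
RG_AADDS="rg-aadds"               # holds the VNet the AAD DS managed domain lives in (step 2, already deployed)
GW_VNET="vnet-gateway"            # 10.10.0.0/16 with a GatewaySubnet
AADDS_VNET="vnet-aadds"           # 10.20.0.0/16, AAD DS subnet 10.20.0.0/24
ONPREM_PUBLIC_IP="203.0.113.10"   # FortiGate WAN address
ONPREM_PREFIXES="192.168.0.0/16"  # on-prem networks the firewall and dial-in users sit in
: "${VPN_PSK:?set VPN_PSK in the environment; do not hard-code the pre-shared key}"

# Step 1: route-based VPN gateway in the hub VNet
az network public-ip create -g "$RG_HUB" -n pip-vpngw -l "$LOCATION" --sku Standard --allocation-method Static
az network vnet-gateway create -g "$RG_HUB" -n vpngw-hub -l "$LOCATION" --vnet "$GW_VNET" \
  --public-ip-address pip-vpngw --gateway-type Vpn --vpn-type RouteBased --sku VpnGw1

# Step 1: describe the on-prem side and bring up the connection
az network local-gateway create -g "$RG_HUB" -n lng-onprem -l "$LOCATION" \
  --gateway-ip-address "$ONPREM_PUBLIC_IP" --local-address-prefixes "$ONPREM_PREFIXES"
az network vpn-connection create -g "$RG_HUB" -n cn-onprem -l "$LOCATION" \
  --vnet-gateway1 vpngw-hub --local-gateway2 lng-onprem --shared-key "$VPN_PSK"

# Step 3: VNet peering in both directions.
#   hub side    -> --allow-gateway-transit lets the AAD DS VNet use this VPN gateway
#   AAD DS side -> --use-remote-gateways makes the on-prem prefixes routable from the AAD DS subnet
AADDS_VNET_ID=$(az network vnet show -g "$RG_AADDS" -n "$AADDS_VNET" --query id -o tsv)
GW_VNET_ID=$(az network vnet show -g "$RG_HUB" -n "$GW_VNET" --query id -o tsv)
az network vnet peering create -g "$RG_HUB" -n gw-to-aadds --vnet-name "$GW_VNET" \
  --remote-vnet "$AADDS_VNET_ID" --allow-vnet-access --allow-forwarded-traffic --allow-gateway-transit
az network vnet peering create -g "$RG_AADDS" -n aadds-to-gw --vnet-name "$AADDS_VNET" \
  --remote-vnet "$GW_VNET_ID" --allow-vnet-access --allow-forwarded-traffic --use-remote-gateways

# Checks: both peerings must report "Connected" and the tunnel must show "Connected" once the FortiGate side is up
az network vnet peering show -g "$RG_HUB" -n gw-to-aadds --vnet-name "$GW_VNET" --query peeringState -o tsv
az network vnet peering show -g "$RG_AADDS" -n aadds-to-gw --vnet-name "$AADDS_VNET" --query peeringState -o tsv
az network vpn-connection show -g "$RG_HUB" -n cn-onprem --query connectionStatus -o tsv
```

On the FortiGate (step 4), the static route for 10.20.0.0/16 points at the IPsec tunnel interface, and the phase 2 selectors must cover that prefix as well as the gateway VNet's, otherwise AAD DS traffic is never sent into the tunnel.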