What VPN client for users in an all-AZURE environment?

We are planning to get rid of our last hardware servers in 2023 and go to an all-AZURE environment with our CRM, intranet, etc. What VPN client software should we put on our users’ laptops to connect them to our systems?

Point to site vpn through VNG?

Global Protect with Prisma Access

Just use the native azure vpn client p2s on the vpn gw

If there is nothing on premises anymore you could could use Azure bastion to rdp or ssh securely to servers. If not, Azure’s VPN gateway would be a good option.

What VPN concentrator are you using in Azure?

Is there a hard requirement to be using VPN to connect to these systems? Or is it because it has always been done like this?

While a VPN is a perfectly viable solution for connectivity, there are other ways of tackling this. Intranet could be hosted on SharePoint (shhhttt), applications could be published to the internet directly (with appropriate protection ofcourse). Or you could expose everything through VDI.

What you should not be doing is publishing ssh or rdp to the internet directly. Unless you want to test password strength…

What router are you using. In my VPN days I used SonicWall SSL VPN aka net Extender

We have a Meraki vMX and we use Cisco AnyConnect

Sounds good. Does that work for Macs also?

I don’t think we have one. Right now, it’s just tech guys RDPing into servers.

That’s a good question. I don’t know what I don’t know. I’m used to an on-premises server room protected by a Fortinet SSL VPN.

Yup the azure vpn client works for both os’s also you can implement single sign on, mfa conditional policies etc

You should pick that platform first, and then you’ll have a better idea of what VPN client you can use.

Hopefully not over the public Internet. You need a point to site with a virtual network gateway and azure vpn client or just use azure virtual desktop as a jumpbox type solution.

Bastion. It’s bastion.