- Navigate to Connections in Azure.
- Click Create New Connection.
- Provide a Name for the connection (for example, JamfPrivateAccessConnection).
- For Connection Type, select Site-to-Site (IPSec).
- Under Virtual Network Gateway, select the virtual network gateway object you created previously.
The suggested name was JamfPrivateAccessVirtGW.
- Under Local Network Gateway, select the local network gateway object you created previously.
The suggested name was JamfPrivateAccessLocalGW.
- In Shared Key (PSK), paste the password that was created in Jamf Security Cloud into the field.
- Leave Azure Private IP Address and Enable BGP unchecked.
- For IKE Protocol, select IKEv2.
- In IPSec/IKE Policy, select Custom.
- Configure all required fields in the IKE Phase 1 and IKE Phase 2(IKE) sections.Note:
Choose a PFS Group from the list. Jamf recommends not choosing None and recommends using the same group number as your your DH Group if possible for consistency.
- Verify that the Subscription, Resource, and Region fields are correct.
- Click OK.Note:
The VPN connection can take up to 15 minutes to become available.
You may proceed with the remaining steps in the meantime, but the IPSec tunnel will not be established until the VPN connection is marked as "Available" in the Azure console.