I am using Azure AD Domain Services and would like to be able to connect to the virtual network on Azure using RemoteAccess on a new server. However, the RemoteAccess setup requires creating some policies which is not something that is supported by AADDS at the moment.
Is there a way that I can set up RemoteAccess without creating new GPOs?
My ideal solution would be to be able to connect to a VPN with the user's AD credentials. I would like to avoid having to set up a Point to Site connection with cert authentication.
RRAS supports L2TP/IPSec as a tunnel protocol, with which you can use a pre-shared key instead of certificate authentication. Clients can then access the VPN server by using AD credentials.
The steps for configuring L2TP/IPSec on the RRAS server are outlined below.
Open Network Policy Server MMC snap-in
Configure the policy named Microsoft Routing and Remote Access Service Policy, add PEAP and EAP-MSCHAP v2 for EAP types
4. Configure the policy named Connections to Microsoft Routing and Remote Access server, select Grant access.
In addition, you need to set the pre-shared key on the VPN client. After you set up a VPN connection, you can set the pre-shared key under Properties -> Security -> Advanced settings.
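
The client-side step in the answer above can also be scripted. The following PowerShell is an added example, not part of the original answer: it creates an L2TP/IPsec profile with a pre-shared key and EAP-MSCHAP v2 using the built-in Windows VPN client cmdlets, then checks what was actually stored. The function name, the connection name `Azure-RRAS-L2TP` and the server address `vpn.example.com` are placeholders chosen for illustration.

```powershell
# Added example. New-L2tpPskConnection is a hypothetical helper name;
# 'Azure-RRAS-L2TP' and 'vpn.example.com' are placeholders.
function New-L2tpPskConnection {
    param(
        [Parameter(Mandatory)][string]$Name,
        [Parameter(Mandatory)][string]$ServerAddress,
        [Parameter(Mandatory)][securestring]$PreSharedKey
    )

    # Add-VpnConnection takes the key as plain text, so convert it only here
    # rather than hard-coding it in the script or passing it on the command line.
    $psk = [System.Net.NetworkCredential]::new('', $PreSharedKey).Password

    # With no parameters, New-EapConfiguration yields an EAP-MSCHAP v2 config,
    # which matches one of the EAP types enabled in the NPS policy.
    $eap = New-EapConfiguration

    # The pre-shared key authenticates the IPsec layer only; the user still
    # signs in with AD credentials through EAP.
    Add-VpnConnection -Name $Name -ServerAddress $ServerAddress `
        -TunnelType L2tp -L2tpPsk $psk `
        -AuthenticationMethod Eap -EapConfigXmlStream $eap.EapConfigXmlStream `
        -EncryptionLevel Required -Force

    # Read the profile back and fail loudly if a setting did not take effect.
    $vpn = Get-VpnConnection -Name $Name
    $problems = @()
    if ($vpn.TunnelType -ne 'L2tp')              { $problems += "TunnelType is $($vpn.TunnelType)" }
    if ($vpn.L2tpIPsecAuth -ne 'Psk')            { $problems += "L2tpIPsecAuth is $($vpn.L2tpIPsecAuth)" }
    if ($vpn.EncryptionLevel -ne 'Required')     { $problems += "EncryptionLevel is $($vpn.EncryptionLevel)" }
    if ($vpn.AuthenticationMethod -notcontains 'Eap') {
        $problems += "AuthenticationMethod is $($vpn.AuthenticationMethod -join ',')"
    }
    if ($problems) { throw "VPN profile '$Name' is not as expected: $($problems -join '; ')" }

    $vpn
}

# Prompt for the key so it does not end up in the script or shell history.
$key = Read-Host -Prompt 'L2TP pre-shared key' -AsSecureString
New-L2tpPskConnection -Name 'Azure-RRAS-L2TP' -ServerAddress 'vpn.example.com' -PreSharedKey $key
```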