How to move your On-Premise WordPress site to a Azure webapp

So as i am starting a new job in less then 2 months, i thought it was time to move this site from a Virtual Machine running on my current employers S2D cluster to Azure. So i decided to share my way there. So i started googling on how to do this. There where some guides here and there. Some older ones and one from docs.microsoft.com, this one did not move everything. So i started with one, got a timeout error. Tried another did not work.

Read more

Setup VPN to use MFA with NPS Extension

In this blog post i will show you how to setup a Microsoft VPN connection with the new NPS Extension for Azure AD MFA.

This is new service that the Microsoft NPS team just released, that adds an Extension to the Windows Network Policy Server.

When using the NPS extension for Azure MFA, the authentication flow includes the following components:

This is copied from https://docs.microsoft.com/nb-no/azure/multi-factor-authentication/multi-factor-authentication-nps-extension

  1. NAS/VPN Server receives requests from VPN clients and converts them into RADIUS requests to NPS servers.
  2. NPS Server connects to Active Directory to perform the primary authentication for the RADIUS requests and, upon success, passes the request to any installed extensions.
  3. NPS Extension triggers a request to Azure MFA for the secondary authentication. Once the extension receives the response, and if the MFA challenge succeeds, it completes the authentication request by providing the NPS server with security tokens that include an MFA claim, issued by Azure STS.
  4. Azure MFA communicates with Azure Active Directory to retrieve the user’s details and performs the secondary authentication using a verification method configured to the user.

The following diagram illustrates this high-level authentication request flow:

Authentication flow diagram

Read more

Configuring Fortigate 5.4 firewall with Azure Site to Site Tunnel

Hello Everyone

Thought i should write a small post about setting up a Site to Site VPN between Azure Resource Manager and a Fortigate Firewall on 5.4.

Important thing to notice here. Use Route Based VPN Type on the Azure Virtual Network Gateway for this.

I used this guide to setup our Azure IPsec tunnel from Microsoft. I recommend using there guides when it comes to azure setup. Combine these with other relevant guides. Make sure they have been recently.

Read more