Skip to content
  • There are no suggestions because the search field is empty.

How to scan Azure Cloud Networks using our VPN Agent

Learn how easy it is to deploy the Azure VPN Agent in any Azure Cloud Infrastructure so our scanners can reach your Cloud Infrastructure securely, by using an encrypted VPN Tunnel.

At Pentest-Tools.com, we focus on making your workflow smoother, so you can move fast on the platform and save time for other priority tasks. 

That’s why we've created the Azure VPN Agent that can be easily deployed in any Azure Cloud Infrastructure. This way, our scanners can reach your Cloud Infrastructure securely, by using an encrypted VPN Tunnel

How to deploy the Azure Agent in your network

Step 1: Create a new VPN Profile

Go to VPN Profiles, click on + Add VPN Profile, and select Use VPN agent to configure it. If you need more options to scan your internal networks using VPN, check out our dedicated articles.

You can either add your internal DNS server or set the default value.

Attach the new profile to one of your workspaces and click Save. It will be displayed in the VPN Profiles list.

Click on the yellow button Deploy.

Downwards Black Arrow | ID#: 13080 | Emoji.co.uk

Go to the Cloud tab and click Get Started from Azure.

Step 2: Launch the Azure Pentest-Tools.com VPN agent 

Access the Pentest-Tools.com VPN agent (internal scanning) Azure Marketplace page and click Get it now.

You won't be charged for using the Pentest-Tools.com VPN Agent on Azure, but you require an active license on Pentest-Tools.com to make use of this service.

In the pop-up window, confirm by clicking Get it now again an wait for your request to be processed.

You should then be redirected to the configuration page of Pentest-Tools.com VPN agent in the Azure Portal. 

Here, click on the Create button.

Click on Create and proceed to configure the virtual machine that will host your VPN agent:

  • Add a resource group (replace the "vpn-agents" example in the screenshot with your a resource group on your own account)
  • Set a name for your virtual machine in the Virtual machine name field
  • Choose your region, availability and zone options, availability zone
  • ⚠️IMPORTANT! In the Username field, change the value from "azureuser" to "ubuntu"
  • Generate a new key pair or use an existing one
  • All the other options can be left as default

Click on Review + create in the configuration page and then on Create in the TERMS page.

The following pop-up may appear, in case you selected to generate a new SSH key pair.
Select the option to Download private key and create resource in order to finalize the virtual machine creation process.

Wait for the newly created virtual machine to be deployed.
When the message informing you that "Your deployment is complete" click on Go to resource

You will be redirected to the Overview section of the newly deployed virtual machine, where you can find more details, such as the the public IP address of the virtual machine (which will come in hand later).

Step 3: Synchronize the deployed Agent with your Pentest-Tools.com VPN Profile

The virtual machine running the Azure Agent has an open SSH port (22) that you can connect to.

Using your private key generated by Azure in the last step of the virtual machine creation process, you can connect as described in the following guide: Connect to a Linux VM

Alternately, you can simply follow these quick four steps:

  1. Open your preferred SSH client
  2. Locate your private key file
  3. Run this command, if necessary, to ensure your key is not publicly viewable. chmod 400 key.pem
  4. Connect to your instance using its Public IP address (found in the Overview section noted earlier)

Here’s a quick example: ssh -i "key.pem" ubuntu@public_ip_address.com

If the connection is successful, you’ll receive a welcome message from Pentest-Tools.com.

You can also use the Azure Cloud Shell if you find it more convenient (there is no SSH client required).
Use the user name ubuntu.

Here, the agent prompts you to enter a new VPN Profile UUID, so all you need to do is copy and paste it from Pentest-Tools.com VPN Profiles.

The agent saves the UUID and starts the VPN Agent.

Step 4: Test the VPN Connection from your account 

After the Azur Agent is successfully connected, test the connection from your account.

Go back to the VPN Profiles page and check to see if the status of the VPN profile from which you copied the UUID is "Online".
You can also press the Test connection button for the profile - a success message should appear.

If the status of the profile shows "Offline", please repeat Step 3 and double-check the VPN Profile UUID.

Note: Don’t forget to keep the virtual machine running, in order to have the VPN agent online for the entire duration of the scans.
Congrats! 🎉
You’ve successfully configured the Azure Agent and you can start scanning your infrastructure.