So that my azure hosted visual studio vm might talk to our locally hosted TFS server, in inside a corporate network, I need to establish a second VPN tunnel between my PC – acting as a viewer of other desktops – and azure. The first tunnel is between the PC and the corporate network, of course.
Note carefully the –in parameter, above. It is NOT CN=somethingaboutroots
No matter what I did, I could not get makecert to work on windows 8.1 – as configured on a Surface Pro, by default. I ended up using a windows 2012 machine (the very azure hosted VM im trying to connect the LAN to!)
configuring and installing the vpn client for windows 8 worked, ok. the net result was sensible, augmenting the routes introduced by merely connecting to a starbucks wifi access point (tracked by NSA of course, in concert with AT&T and/or Google).
The vpn circuits do then show themselves, indicating that my azure virtual network (gateway) has issued me adapter a 10.0.0.2 address, in its 10.0.0.0/29 client pool (of 32 clients max).
And we seem to have at least SOME connectivity!