Copyright (c) 2026 MindMesh Academy. All rights reserved. This content is proprietary and may not be reproduced or distributed without permission.
3.2.2. Tunnel Types and Configuration
P2S supports three tunnel protocols, each with different capabilities:
| Protocol | Platforms | Ports | Best For |
|---|---|---|---|
| IKEv2 | Windows, macOS, iOS | UDP 500, 4500 | Native clients, best performance |
| SSTP | Windows only | TCP 443 | Restrictive firewalls (HTTPS port) |
| OpenVPN | All platforms | TCP/UDP 443 | Cross-platform, Azure AD auth |
Client Configuration: After configuring the gateway, download the VPN client package:
- Windows: Native or OpenVPN client
- macOS/iOS: Native IKEv2 or OpenVPN
- Linux: OpenVPN client
Address pool defines the IP range assigned to connected clients. This pool must not overlap with VNet address spaces or on-premises networks.
💡 Design tip: Size the address pool for peak concurrent connections plus 20% buffer. A /24 gives you 251 usable addresses—plenty for most scenarios.
Written byAlvin Varughese
Founder•15 professional certifications