Azure VPN Gateway

1. VPN Gateway

Azure VPN Gateway is a service that can be used to send encrypted traffic between an Azure virtual network and on-premises locations over the public Internet. You can also use VPN Gateway to send encrypted traffic between Azure virtual networks over the Microsoft network.

  • Site-to-site connection: A cross-premises IPsec/IKE VPN tunnel connection between the VPN gateway and an on-premises VPN device.

  • Point-to-site connection: Lets you connect to your virtual network from a remote location, such as from a conference or from home.

  • VNet-to-VNet: An IPsec/IKE VPN tunnel connection between the VPN gateway and another Azure VPN gateway that uses a VNet-to-VNet connection type.

  • ExpressRoute + VPN Gateway: A combination of ExpressRoute + VPN Gateway connections (coexisting connections).

Public IP

  • A VPN gateway requires a public IP address for communication.
  • A zone-redundant gateway requires a public IP address that also supports zone-redundancy.
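The two rules above can be checked against an inventory export. The following is an added example, not part of the original notes or Microsoft's tooling: it audits gateway and public IP records shaped like simplified `az network vnet-gateway show` and `az network public-ip show` JSON. The resource names and IDs are constructed, and the zone-redundancy test (Standard SKU listed in more than one zone) is an assumption of this sketch.

```python
import json

# Constructed sample data (made-up names and shortened IDs), simplified from the
# JSON shape returned by the Azure CLI for gateways and public IP addresses.
GATEWAYS = json.loads("""[
  {"name": "gw-az-ok",  "sku": {"name": "VpnGw2AZ"},
   "ipConfigurations": [{"publicIPAddress": {"id": "/pip/zr"}}]},
  {"name": "gw-az-bad", "sku": {"name": "VpnGw2AZ"},
   "ipConfigurations": [{"publicIPAddress": {"id": "/pip/zonal"}}]},
  {"name": "gw-plain",  "sku": {"name": "VpnGw1"},
   "ipConfigurations": [{"publicIPAddress": {"id": "/pip/zonal"}}]},
  {"name": "gw-no-ip",  "sku": {"name": "VpnGw1"},
   "ipConfigurations": [{"publicIPAddress": null}]}
]""")
PUBLIC_IPS = json.loads("""[
  {"id": "/pip/zr",    "sku": {"name": "Standard"}, "zones": ["1", "2", "3"]},
  {"id": "/pip/zonal", "sku": {"name": "Standard"}, "zones": ["1"]}
]""")


def is_zone_redundant_ip(pip):
    # Assumption: zone-redundant = Standard SKU explicitly listed in several zones.
    zones = pip.get("zones") or []
    return pip.get("sku", {}).get("name") == "Standard" and len(zones) > 1


def audit(gateways, public_ips):
    """Return {gateway name: [findings]} for the two Public IP rules."""
    by_id = {p["id"].lower(): p for p in public_ips}  # resource IDs are case-insensitive
    findings = {}
    for gw in gateways:
        refs = [(c.get("publicIPAddress") or {}).get("id")
                for c in gw.get("ipConfigurations", [])]
        refs = [r for r in refs if r]
        issues = [] if refs else ["no public IP attached"]
        # Zone-redundant gateway SKUs carry the AZ suffix, for example VpnGw2AZ.
        if gw["sku"]["name"].upper().endswith("AZ"):
            for ref in refs:
                pip = by_id.get(ref.lower())
                if pip is None or not is_zone_redundant_ip(pip):
                    issues.append(f"public IP {ref} is not zone-redundant")
        findings[gw["name"]] = issues
    return findings


if __name__ == "__main__":
    for name, issues in audit(GATEWAYS, PUBLIC_IPS).items():
        print(name, "OK" if not issues else "; ".join(issues))
```
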

2. References

- https://learn.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-vpngateways