Azure VPN

Azure virtual network gateways are core routers within an Azure virtual network. They connect an Azure network to different kinds of interconnect options. Those options are site-to-site VPN, point-to-site VPN, Azure virtual WAN, or ExpressRoute.

Every VNet can have at least one VPN gateway. VPN gateways are available in different service options with different features and available services. You can find a detailed list of the gateways in the Microsoft documentation at https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-vpngateways#gwsku.

Since Ignite 2018, Microsoft has extended this offering to network gateways. Addressing customer needs regarding better SLAs for gateways, it started to offer zone-redundant virtual network gateways for ExpressRoute and VPN. Those gateways are placed into different Azure data centers with separated power supplies, cooling, and data center environments. This protects those gateways against data center outages and failures.

With Microsoft VPN or virtual network gateways, you have the following options to connect to your on-premises environment: 

  • Policy based: IPSec IKEv1, single-site connection with static routing
  • Route based: IPSec IKEv2, multisite connection with static routing and BGP 

Depending on the devices you connect to on-premises, you can choose either policy based or route based. To know what your device supports, you can ask the vendor or check the Microsoft documentation at https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-vpn-devices

I would only use a route-based option. Most of the devices we have out there are able to connect to a route-based gateway, or the route-based gateway can emulate a policy-based option. Go to https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-ipsecikepolicy-rm-powershell for more details.
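As an added example (not taken from the book), the following Az PowerShell sketch shows a route-based gateway connection that pins an explicit IPsec/IKE policy and enables policy-based traffic selectors for an on-premises device that only supports policy-based tunnels. All resource names, the region, and the pre-shared key are placeholders, and the algorithm choices are sample values that must match what the on-premises device is configured to offer.

```powershell
# Placeholders (assumptions): replace with your own resource names and region.
$rg       = '<resource-group>'
$location = '<azure-region>'
$gwName   = '<route-based-vnet-gateway>'
$lngName  = '<local-network-gateway>'   # represents the on-premises VPN device
$connName = '<connection-name>'
$psk      = '<pre-shared-key>'          # placeholder; load from a secret store, do not hard-code

# Existing route-based gateway and the on-premises endpoint definition.
$gw  = Get-AzVirtualNetworkGateway -Name $gwName -ResourceGroupName $rg
$lng = Get-AzLocalNetworkGateway   -Name $lngName -ResourceGroupName $rg

# Explicit IPsec/IKE policy instead of the gateway defaults.
# Sample values only: both sides of the tunnel must agree on every parameter.
$policy = New-AzIpsecPolicy `
    -IkeEncryption AES256 -IkeIntegrity SHA384 -DhGroup DHGroup14 `
    -IpsecEncryption AES256 -IpsecIntegrity SHA256 -PfsGroup PFS2048 `
    -SALifeTimeSeconds 14400 -SADataSizeKilobytes 102400000

# Create the site-to-site connection with the custom policy.
# -UsePolicyBasedTrafficSelectors makes the route-based gateway negotiate
# prefix-based traffic selectors, as a policy-based device expects.
New-AzVirtualNetworkGatewayConnection `
    -Name $connName -ResourceGroupName $rg -Location $location `
    -VirtualNetworkGateway1 $gw -LocalNetworkGateway2 $lng `
    -ConnectionType IPsec -SharedKey $psk `
    -IpsecPolicies $policy -UsePolicyBasedTrafficSelectors $true

# Check: confirm the connection carries the intended policy, not the defaults.
$conn = Get-AzVirtualNetworkGatewayConnection -Name $connName -ResourceGroupName $rg
$conn.UsePolicyBasedTrafficSelectors
$conn.IpsecPolicies
```

Reading the policy back after creation is worth keeping in deployment scripts, because a connection without a custom policy silently falls back to the gateway's default proposal set.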