Azure Documentation

Azure Virtual Network Gateways

Securely connect your on-premises networks and other virtual networks to Azure.

Gateway Overview

Azure Virtual Network gateways are used to send network traffic between your Azure virtual network and your on-premises networks. They can also be used to send traffic between virtual networks in Azure.

Types of Virtual Network Gateways

Azure offers two primary types of virtual network gateways:

  • VPN Gateway: Provides encrypted connections over the public internet. This is ideal for hybrid cloud scenarios where you need to connect your on-premises data center to Azure.
  • ExpressRoute Gateway: Provides private, high-throughput, low-latency connections through a dedicated network connection with a connectivity provider. This is suitable for mission-critical applications and large-scale data transfers.

Key Features and Benefits

Security

Secure tunnels for data transmission over public and private networks.

Connectivity

Connects on-premises networks, other Azure VNets, and more.

Performance

Offers various SKUs for different throughput and latency requirements.

High Availability

Built-in redundancy options ensure continuous connectivity.

Use Cases

Virtual network gateways are fundamental for implementing various networking strategies in Azure:

  • Hybrid Cloud Connectivity: Seamlessly extend your on-premises infrastructure into Azure.
  • Site-to-Site VPN: Connect your office network to an Azure virtual network.
  • Point-to-Site VPN: Connect individual client devices to an Azure virtual network.
  • VNet-to-VNet Connectivity: Connect multiple Azure virtual networks together.
  • ExpressRoute Private Connection: Establish dedicated private connections for optimal performance.

Getting Started

To get started with Azure Virtual Network Gateways, you'll typically need to:

  1. Create or select an existing Azure Virtual Network.
  2. Create a Gateway Subnet within your Virtual Network.
  3. Create a Virtual Network Gateway resource, selecting either a VPN or ExpressRoute gateway.
  4. Configure connections based on your specific requirements (e.g., VPN device for S2S, client certificates for P2S).

Refer to the detailed guides for VPN Gateways and ExpressRoute Gateways for step-by-step instructions.

Deployment Considerations

When deploying a virtual network gateway, consider the following:

  • Gateway SKU: Choose a SKU that matches your performance and feature needs.
  • Generation: Newer generations offer improved performance and features.
  • Redundancy: Configure active-active or active-standby for high availability.
  • IP Addressing: Ensure correct public and private IP configurations.

Understanding your traffic flow and connectivity requirements is crucial for selecting and configuring the right gateway solution.