About Azure VPN Gateways

Azure VPN Gateway is a service that you can use to send and receive encrypted traffic between your Azure virtual networks and your on-premises networks. You can also use VPN Gateway to send encrypted traffic between your Azure virtual networks and other Azure virtual networks.

What is a VPN Gateway?

A VPN gateway is a type of virtual network gateway that you use to send encrypted traffic between your Azure virtual network and an on-premises location. The on-premises location can be a corporate datacenter or a home office. A VPN gateway can also be used to send encrypted traffic between Azure virtual networks.

Key Features and Benefits

🔒

Secure Connectivity

Establishes secure, encrypted tunnels over the public internet, protecting your data in transit.

🌐

Hybrid Cloud

Seamlessly connects your on-premises infrastructure with your Azure virtual networks, enabling hybrid cloud solutions.

🔗

Site-to-Site VPN

Connects your on-premises network to your Azure virtual network securely.

💻

Point-to-Site VPN

Connects individual client computers to an Azure virtual network.

🔄

Network-to-Network VPN

Connects multiple Azure virtual networks together, even across different regions.

📈

Scalability and Performance

Offers various SKUs to meet different bandwidth and throughput requirements.

How it Works

Azure VPN Gateway uses IPsec tunnels to provide secure connectivity. When you configure a VPN gateway, it acts as a network endpoint for VPN connections. Your on-premises VPN device or other Azure VPN gateways establish tunnels to your Azure VPN gateway. All traffic passing through these tunnels is encrypted.

Tunneling Protocols

IKEv1 and IKEv2: Used for establishing the security associations (SAs) for the tunnels.
IPsec: The protocol suite used for encrypting and authenticating the data packets.
OpenVPN: Supported for Point-to-Site connections for broader client compatibility.

Common Use Cases

Connecting your on-premises datacenter to Azure for a hybrid cloud deployment.
Connecting remote users to resources in Azure securely.
Connecting different Azure virtual networks for improved disaster recovery or workload distribution.
Establishing a secure network for IoT devices or mobile applications.

Key Concepts

Virtual Network Gateway: The managed service in Azure that handles VPN connections.
Local Network Gateway: Represents your on-premises network or another Azure VNet in Azure.
Connection: The resource that links a Virtual Network Gateway to a Local Network Gateway, defining the connection type and parameters.
Gateway SKU: Determines the performance, throughput, and features of your VPN Gateway.

Get Started

To learn more about configuring and managing Azure VPN Gateways, please refer to the official Azure documentation:

Azure VPN Gateway Documentation