Azure VPN Gateway

Azure VPN Gateway is a service that you can use to send encrypted traffic between your on-premises networks and your Azure Virtual Network, or between two or more Azure Virtual Networks. VPN Gateway can also be used to connect to other Azure services, such as Azure Bastion or Azure Kubernetes Service.

What is VPN Gateway?

VPN Gateway is a type of virtual network gateway that sends encrypted traffic across public networks. It's a managed service that allows you to establish secure site-to-site (S2S), network-to-network (N2N), or point-to-site (P2S) VPN connections.

Key Concepts

Use Cases

VPN Gateway is essential for scenarios such as:

Creating a VPN Gateway

You can create a VPN gateway through the Azure portal, Azure CLI, or Azure PowerShell. The process typically involves:

  1. Creating a Virtual Network Gateway resource.
  2. Configuring gateway type, VPN type, and SKU.
  3. Associating it with a gateway subnet within your Virtual Network.
  4. Creating connections to other networks or sites.

Tip: Ensure you create a dedicated subnet named 'GatewaySubnet' within your Virtual Network before creating the VPN Gateway.
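
The four steps above as Azure CLI calls for a site-to-site connection. This is an added example, not part of the original page. The resource names, address ranges, peer IP, the public IP and local network gateway steps, and the VPN_SHARED_KEY and DRY_RUN variables are assumptions.

```shell
#!/bin/sh
# Added example, not from the original page. Resource names, address ranges,
# the peer IP and the VPN_SHARED_KEY variable are constructed placeholders.
RG="${RG:-rg-example}"
VNET="${VNET:-vnet-example}"
GW="${GW:-vpngw-example}"
SKU="${SKU:-VpnGw1}"

# With DRY_RUN set, print each command instead of calling Azure.
run() {
  if [ -n "${DRY_RUN:-}" ]; then echo "$*"; else "$@"; fi
}

deploy_vpn_gateway() {
  # Read the pre-shared key from the environment so it is never stored in the script.
  if [ -z "${VPN_SHARED_KEY:-}" ]; then
    echo "VPN_SHARED_KEY is not set" >&2
    return 1
  fi
  key="$VPN_SHARED_KEY"
  if [ -n "${DRY_RUN:-}" ]; then key='<redacted>'; fi  # keep it out of dry-run output

  # Step 3 and the tip: the dedicated subnet must be named exactly GatewaySubnet.
  run az network vnet subnet create --resource-group "$RG" --vnet-name "$VNET" \
    --name GatewaySubnet --address-prefixes 10.0.255.0/27 || return 1
  # Public IP for the gateway (a prerequisite the step list does not mention).
  run az network public-ip create --resource-group "$RG" --name "${GW}-pip" \
    --sku Standard --allocation-method Static || return 1
  # Steps 1 and 2: the gateway resource with gateway type, VPN type and SKU.
  run az network vnet-gateway create --resource-group "$RG" --name "$GW" \
    --vnet "$VNET" --public-ip-addresses "${GW}-pip" \
    --gateway-type Vpn --vpn-type RouteBased --sku "$SKU" || return 1
  # Step 4: describe the on-premises site, then connect to it (site-to-site).
  run az network local-gateway create --resource-group "$RG" --name onprem-example \
    --gateway-ip-address 203.0.113.10 --local-address-prefixes 192.168.0.0/16 || return 1
  run az network vpn-connection create --resource-group "$RG" --name s2s-example \
    --vnet-gateway1 "$GW" --local-gateway2 onprem-example --shared-key "$key"
}

# Nothing is created unless the script is invoked with --apply.
if [ "${1:-}" = "--apply" ]; then deploy_vpn_gateway; fi
```

Run it first with DRY_RUN=1 and --apply to review the commands; the shared key is redacted in that output.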

VPN Gateway SKUs and Performance

The choice of SKU significantly impacts the throughput and features available. Below is a simplified overview:

SKU      Max Tunnels   Throughput    Features
Basic    10            ~100 Mbps     Basic S2S and P2S
VpnGw1   30            ~1.25 Gbps    Standard S2S, P2S, N2N
VpnGw2   120           ~5 Gbps       Enhanced S2S, P2S, N2N, Active-Active

Refer to the official Azure VPN Gateway SKU documentation for the most up-to-date details.

Monitoring and Troubleshooting

Azure Monitor provides comprehensive tools to monitor your VPN Gateway's health and performance. You can track metrics like:

Note: For troubleshooting connectivity issues, check your firewall rules, routing tables, and the configuration on your on-premises VPN device.

Next Steps