Azure VPN Gateway – Overview
The Azure VPN Gateway connects your on‑premises networks to Azure through site‑to‑site (S2S), point‑to‑site (P2S), or VNet‑to‑VNet VPN connections. It provides secure, encrypted traffic over the public internet, enabling hybrid networking scenarios that extend your data center or remote offices to the Azure cloud.
Key Features
- Policy‑based and route‑based VPN gateways
- Support for multiple tunnels per gateway for high availability
- Built‑in BGP for dynamic routing
- Integration with Azure ExpressRoute for hybrid connectivity
- Advanced security with IPsec/IKEv2 protocols
Gateway Types
Azure offers three primary gateway SKUs, each optimized for different workloads:
SKU | Max Throughput | # of tunnels | Typical Use‑case
--------------------------------------------------------------
VpnGw1 | 650 Mbps | 10 | Development / testing
VpnGw2 | 1.25 Gbps | 30 | Production workloads
VpnGw3 | 1.75 Gbps | 30 | High‑performance, large‑scale
Architecture Diagram
Common Scenarios
- Site‑to‑Site (S2S): Connect an on‑premises datacenter to an Azure VNet.
- Point‑to‑Site (P2S): Enable individual devices to connect securely from any location.
- VNet‑to‑VNet: Link multiple Azure VNets across regions.
- Hybrid with ExpressRoute: Use VPN as a failover for ExpressRoute.
Pricing
Pricing is based on the selected SKU, data transfer, and the number of active tunnels. See the Pricing page for a detailed breakdown.