VPN and ExpressRoute

Virtual Private Networks (VPN) provide a secure connection between an endpoint or site. An endpoint is a single device with the VPN client installed. A site is a location connected by a VPN device. Azure VPN Gateways support both Point-to-Site and Site-to-Site VPNs for supported devices.

Point-to-Site VPN

  • A Dynamic Routing (aka Route-based) VPN gateway is required
  • A Standard or High Performance VPN gateway may be provisioned
    • Standard = 80Mbps, 10 S2S Tunnels
    • High Performance = 200Mbps, 30 S2S Tunnels
  • A client certificate must be created and installed on VPN clients
  • A configuration package can be downloaded from Azure for client setup
  • VPN clients are assigned an IP address from the user configured range
  • Utilises the Secured Socket Tunnelling Protocol (SSTP)

Site-to-Site VPN

  • A Static Routing (aka Policy-based) or Dynamic Routing VPN gateway is required
    • Some VPN devices only support Static Routing however this limits you to a single connection
  • Supported VPN devices are listed here
  • Providing Dynamic Routing is used Site-to-Site and Point-to-Site VPNs can coexist
  • Multiple sites can be connected to a single VPN Gateway, this is known as a Multi-site VPN

ExpressRoute

  • ExpressRoute provides a reliable, resilent and private connection of up to 10 Gbps into the customer network
  • There are 2 ways to connect
    • Exchange Service Provider – up to 10 Gbps
    • Network Service Provider – up to 1 Gbps
  • Connections into Office 365 are also possible using ExpressRoute
  • ExpressRoute Fridays archived webinars and

vNet-to-vNet VPN

  • Connect 2 Azure Virtual Networks
  • Supports georedundancy and geopresence

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s