Azure – Networking – Part 12 – Azure VPN Network Gateway

Hello Friends,

Today, we will discuss about Virtual Network Gateway. It is a very useful service provided by Microsoft Azure. When we are taking about any hybrid solution in azure or if we are talking about a secure connection between Azure environment and our On-Premise environment, Virtual Network Gateway is considered as the base /root of this configuration. Let’s have a discussion on the basics of this component.

If you have missed our previous articles on azure networking, please check it in following links.

Part 6 – Azure Application Gateway Features

Part 7 – Create An Application Gateway With URL-Based Routing Configuration- 1

Part 8 – PowerShell To Create An Application Gateway With URL-Based Routing Configuration- 2

Part 9 – Configure Custom Domain In Azure DNS

Part 10 – Issue when Configure DNS Records In Azure DNS

Part 11 – ExpressRoute

Next Article : Part 13 – Configure Azure Point-to-Site VPN

Virtual Network Gateway :

  • A virtual network gateway is the software VPN device for our Azure virtual network.
  • It helps to establish a connection between an Azure virtual network and our local network .
  • A virtual network gateway is composed of two or more virtual machines that are deployed to only Gateway Subnet. No other resource should deployed to that subnet.
  • Virtual network gateway VMs are configured to contain routing tables and gateway service specific to the gateway.
  • It helps to establish a very secure connection to communicate encrypted data.

Type Of Virtual Network Gateway :

There are two different types of virtual network gateway. Each virtual network can only have one virtual network gateway of each type.

  1. VPN Network Gateway
    It send encrypted traffic across the public Internet, when we use the gateway type ‘VPN’. This is also referred to as a VPN gateway. Point-to-Site, Site-to-Site and VNet-to-VNet connections all use a VPN gateway.
  2. ExpressRoute Network Gateway
    It send network traffic on a private connection, when we use the gateway type ‘ExpressRoute’. In my last article we have discussed about ExpressRoute. To finalize the configuration of a new connection for ExpressRoute, we required a Express Network Gateway.

Connection Topology Diagrams For VPN Network Gateway :

There are different configurations available for VPN network gateway connections. We need to determine which configuration is matching with our requirements.

  • Point-to-Site (VPN over IKEv2 or SSTP)
  • Site-to-Site (IPsec/IKE VPN tunnel)
  • Multi-Site (IPsec/IKE VPN tunnel)
  • VNet-to-VNet connections (IPsec/IKE VPN tunnel)
  • VNet peering

Create VPN Network Gateway through Portal :

Before we starts to create a new VPN Network Gateway, I have already created/configure my Virtual Network and Resource group. We can check following links about how to configure both of them.

What is Resource Group and How to configure Azure Virtual Network (VNet)

We can also create both of the above resource, when we will configure virtual network gateway. Let’s start with the configuration.

1. Connect to your Azure portal dashboard using your subscription account. If you don’t have any subscription, in that case you can get trial Azure subscription with one-month of validity. Then you can connect to the azure portal dashboard as in following figure.

Figure 1: Azure – portal dashboard

2. Try to find Virtual Network Gateways from marketplace as shown in the following figure.

Figure 2 : Azure – Virtual Network Gateway – Networking

3. On Virtual Network Gateways landing page, we can see all existing network gateways. If we want to create a new virtual network gateway, click Create Virtual Network Gateway or +Add button as shown in the following figure.

Figure 3: Azure – Create Virtual Network Gateway

4. Provide all required information to create a new Virtual Network Gateway as shown in the following figure.

Figure 4: Azure – Provide required input Virtual Network Gateway

Now click Review + Create button to create the network gateway. As we can see in the following figure, the creation of virtual network gateway is underway.

Figure 5: Azure – Virtual Network Gateway creation is underway

It took around 30-45 minute to create and configure a virtual network gateway. Once it is created we can see the details of the newly created virtual network gateway as shown in the following figures.

Figure 6: Azure – Virtual Network Gateway created successfully

Figure 7: Azure – Virtual Network Gateway overview
Figure 8: Azure – Virtual Network Gateway configuration

We are ready with our VPN Network Gateway . Now we can configure our connections as per our requirement. No default connection comes with the creation of a virtual network gateway.

Figure 9: Azure – Virtual Network Gateway Connections

As we can see in the following figure, there are different connection type available. we can choose one of them as per our requirement.

Figure 10: Azure – Virtual Network Gateway configure Connections

Through VPN Network Gateway we can also configure Point-to-Site connection. In our next article, have discussed, how to Configure Point-to-Site vpn Connection.

Figure 10: Azure – Virtual Network Gateway configure Point-to-Site connection

I hope this article helps you to understand the basic of Virtual Network Gateway and VPN Network Gateway.

My next article of this series is Part 13 – Configure Azure Point-to-Site VPN .

Keep reading, share your thoughts, experiences. Feel free to contact us to discuss more.

If you have any suggestion / feedback / doubt, you are most welcome. Stay tuned on Knowledge-Junction, will come up with more such articles

Thanks for reading  🙂