Azure Site-to-Site VPN
Microsoft Azure gateway objects let you configure site-to-site or device-to-site VPN (virtual private network) connections. With a site-to-site VPN, your physical network is connected to your Azure-hosted virtual network. This is an easy way to create a hybrid cloud environment, where some of your servers are on your local network and some are hosted as Azure Virtual Machines. Setting up a site-to-site network allows these servers to communicate with each other, and allows client workstations to communicate with the Azure-hosted Virtual Machines as if they were locally on your LAN.
NOTE ON SECURITY: Before attempting this, plan out your security rules so that only required traffic is allowed between the two networks.
How to Get Started
- Microsoft TechNet has several guides to help you through the process of setting up either static or dynamic site-to-site VPNs.
- If you want to make this process as easy as possible, make sure your gateway router/firewall is on Microsoft’s list of compatible devices. Microsoft has published an updated list of supported VPN devices in their Azure post “About VPN devices for Site-to-Site VPN Gateway connections”.
Robert Borges
About Robert...
I have been in the IT industry since 1993 focusing mainly on networking. Though I got an early start as an amateur computer enthusiast and wrote my first database app at age 12, I started my professional career working in the MIS department of one of the largest liquor distributors in the northeast. I started out there as a systems operator on the company’s two mainframe systems. From there I moved into PC support, and helped design and implement the company’s first client-server network… This was back in the days of Win NT 3.51 when I worked on my first migration to Windows NT 4.0 server.
From there I went on to work with Novell 3.x and 4.x along with Windows domains and Microsoft's brand new Active Directory, working my way up from technician to specialist, to an administrator, and eventually all the way up to Sr. Engineer. I spent many years working for MSPs/consulting firms, 9 of which I owned and operated my own firm.
Over the years, I have worked with (at an expert level) various versions of Windows client and server operating systems (including Windows 11 and Windows Server 2019); various virtualization technologies (Hyper-V, VMware, etc.); MS-SQL server 6.5-2014 R2; Exchange 4-2019, and much more. Over the years I have built a lot of experience around the Microsoft Azure and Microsoft 365 cloud environments.
I am now CTO at Infused Innovations where our team is focusing on helping clients build a Secure Intelligent Workplace through InfoSec (Zero Trust Framework), Modern Workplace, and Business Intelligence.
I have been heavily involved in the IT user group community, including serving as president of the board of Boston User Groups, Inc., and president of IT-Pro User Group. In 2017/2018 Microsoft awarded me the Microsoft MVP (Most Valuable Professional) Award, with a focus of Microsoft Azure cloud, for my efforts in the IT community.
I am in a constant state of learning about new products, and new versions of products, many of which we end up implementing in lab environments and sometimes for our clients. I have a very broad range of expertise and experience. It is my goal to share some of this experience on this blog to help enrich the IT community.
Permanent link to this article: https://www.robertborges.us/2016/03/cloud-computing/azure-site-to-site-vpn/