Azure Gateway - shivpun/az-900 GitHub Wiki

VPN Gateway


  1. Sends encrypted traffic between an Azure virtual network and an on-premises location over the public Internet.
  2. Each virtual network can only have one virtual network gateway of each type. The available values for -GatewayType are:
    1. Vpn
    2. ExpressRoute
  3. A virtual network gateway is composed of two or more VMs that are deployed to a specific subnet you create called the Gateway Subnet. It is used for routing the traffic from one network to another network.
  4. Gateway SKUs by feature set:
    Basic
    1. Route-based VPN (Dynamic Routing): 10 tunnels for S2S/connections
    2. Policy-based VPN (Static Routing) (IKEv1): 1 S2S/connection tunnel

In the following tables:

  1. SA = Security Association

  2. IKE Phase 1 is also called "Main Mode"

  3. IKE Phase 2 is also called "Quick Mode"

  4. VPN Gateway can be used to connect different Azure Subscriptions.
  5. VPN Gateway can be configured as Active-Active without additional cost.

VPN Gateway design

