VPN Gateway

Official Documentation

Service Description

A VPN gateway can be configured to securely connect a Virtual Network to local resources. The VPN gateway enables secure connection to a local computer (point-to-site) or to one or more local networks (site-to-site). An appropriate gateway is also required on the local side in case of site-to-site connections.

Getting Started

  1. 9/30/2016, Mva
    Exploring environments for your virtual machines and applications? Check out this practical Microsoft Azure Virtual Network course, one in a series of Azure training courses...
  2. 10/2/2016, Video, 1:24:46
    This session highlights the power of the Microsoft Azure Software Defined Network and Hybrid Networking to build and run enterprise grade applications. We cover how to build...
  3. 9/28/2016, Video, 1:08:59
    The benefits of Cloud to IT organizations is undeniable, yet many of you are in early stages of plotting out your journey to the Cloud. Microsoft Azure IaaS is a collection of...
  4. 9/29/2015, Video, 0:23:17
    Discover your hybrid networking connectivity choices to securely extend your on-premises network into the Microsoft cloud. Learn about the tradeoffs and how scenario...
  5. 2/1/2015, Whitepaper
    This document is a guide to enhancing network communications security to better protect virtual infrastructure and data and applications deployed in Microsoft Azure

Latest Content

Subscribe to News about VPN Gateway


Web Content

VPN Gateway Documentation

1. Overview
     1.1. About VPN Gateway
2. Tutorials
     2.1. Create and manage a VPN gateway
     2.2. Create and manage S2S VPN connections
3. Samples
     3.1. Azure PowerShell
4. Concepts
     4.1. Planning and design for VPN Gateway
     4.2. About VPN Gateway settings
     4.3. About VPN devices
     4.4. About cryptographic requirements
     4.5. About BGP and VPN Gateway
     4.6. About highly available connections
     4.7. About Point-to-Site connections
     4.8. About Point-to-Site VPN routing
     4.9. About zone-redundant gateways for Availability Zones
     4.10. Backend Connectivity Interoperability
          4.10.1. Preface and Test Setup
          4.10.2. Test Setup Configuration
          4.10.3. Control Plane Analysis
          4.10.4. Data Plane Analysis
5. How-to guides
     5.1. Configure Site-to-Site connections
          5.1.1. Azure portal
          5.1.2. Azure PowerShell
          5.1.3. Azure CLI
     5.2. Download VPN device configuration scripts
     5.3. Configure Point-to-Site connections - native Azure certificate authentication
          5.3.1. Configure a P2S VPN
      Azure portal
      Azure PowerShell
          5.3.2. P2S certificates and clients
      Generate self-signed certificates
           Azure PowerShell
          5.3.3. Install client certificates
          5.3.4. Create and install VPN client configuration files
     5.4. Configure Point-to-Site connections - RADIUS authentication
          5.4.1. Configure a P2S VPN
      Azure PowerShell
          5.4.2. Create and install VPN client configuration files
          5.4.3. Integrate P2S VPN RADIUS authentication with NPS server
     5.5. Configure OpenVPN
          5.5.1. Configure OpenVPN for Point-to-Site connections
          5.5.2. Configure OpenVPN clients
     5.6. Configure VNet-to-VNet connections
          5.6.1. Azure portal
          5.6.2. Azure PowerShell
          5.6.3. Azure CLI
     5.7. Configure a VNet-to-VNet connection between deployment models
          5.7.1. Azure portal
          5.7.2. Azure PowerShell
     5.8. Configure Site-to-Site and ExpressRoute coexisting connections
          5.8.1. Azure PowerShell
     5.9. Configure multiple Site-to-Site connections
          5.9.1. Azure portal
     5.10. Connect multiple policy-based VPN devices
          5.10.1. Azure PowerShell
     5.11. Configure IPsec/IKE policies on connections
          5.11.1. Azure PowerShell
     5.12. Configure highly available active-active connections
          5.12.1. Azure PowerShell
     5.13. Create a zone-redundant VNet gateway in Azure Availability Zones
     5.14. Routing, BGP, and VNet Peering
          5.14.1. Configure BGP for a VPN gateway
      Azure PowerShell
      Azure CLI
          5.14.2. Configure forced tunneling
      Azure PowerShell
      Azure PowerShell (classic)
          5.14.3. Configure gateway transit for VNet peering
     5.15. Modify local network gateway settings
          5.15.1. Azure portal
          5.15.2. Azure PowerShell
          5.15.3. Azure CLI
     5.16. Create a route-based VPN gateway
          5.16.1. Azure portal
          5.16.2. Azure PowerShell
          5.16.3. Azure CLI
     5.17. Verify a VPN gateway connection
     5.18. Reset a VPN gateway
     5.19. Delete a VPN gateway
          5.19.1. Azure portal
          5.19.2. Azure PowerShell
     5.20. Gateway SKUs (legacy)
     5.21. Configure third-party VPN devices
          5.21.1. Overview & Azure configuration
          5.21.2. Sample: Cisco ASA device (IKEv2/no BGP)
     5.22. Troubleshoot
          5.22.1. Community-suggested VPN or firewall device settings
          5.22.2. Configure and validate VNet or VPN connections
          5.22.3. Validate VPN throughput to a VNet
          5.22.4. Point-to-Site connections
      Point-to-Site connection problems
      Point-to-Site connection problems - Mac OS X VPN client
          5.22.5. Site-to-Site connection issues
      Site-to-Site connections
      Site-to-Site connection disconnects intermittently
     5.23. Classic deployment model articles
          5.23.1. Configure a Site-to-Site connection
          5.23.2. Configure a Point-to-Site connection
          5.23.3. Configure a VNet-to-VNet connection
          5.23.4. Configure forced tunneling
          5.23.5. Delete a VPN gateway
          5.23.6. Configure multiple S2S connections
          5.23.7. Configure a VPN gateway
          5.23.8. Classic to Resource Manager migration
6. Reference
     6.1. Azure PowerShell
     6.2. Azure PowerShell (classic)
     6.3. REST
     6.4. REST (classic)
     6.5. Azure CLI
7. Resources
     7.1. VPN Gateway FAQ
     7.2. Azure Roadmap
     7.3. Blog
     7.4. Forum
     7.5. Subscription and service limits
     7.6. Pricing
     7.7. Pricing calculator
     7.8. SLA
     7.9. Videos

Web Pages

Content Type
Microsoft Azure Network Security Whitepaper

Online Training Content

Date Title
9/30/2016 Microsoft Azure for IT Pros Content Series: Virtual Networking
9/25/2014 Microsoft Azure: Site-to-Site VPN


Tool Description


Date Title Length
High-performance data center expansion with Azure Networking
Your Private Network in the cloud: (Part 2) How to Set up and Use an Azure Virtual Network
Cloud Tech 10 - 19th June 2017 - Cloud Foundry, Azure Functions, VPN Gateways and more!
Achieve high-performance datacenter expansion with Azure Networking
Use Azure Infrastructure-as-a-Service (IaaS) as a starting point on your cloud journey
Azure ExpressRoute - How to create a connection between your VPN Gateway and ExpressRoute circuit
Azure ExpressRoute - How to create a VPN Gateway for your Virtual Network
BGP for VPN Part 3: Configure BGP
BGP VPN Part 2 Demo
BGP for VPN Part 1 - BGP Routing for Azure VPN Gateways

Page 1 of 2