
I know virtual network peering is a thing, but is VPN Gateway peering also a thing? If so, given a VPN Gateway (A) with AD AuthN (OpenVPN SSL tunnel type) and a VPN Gateway (B) with Azure certificate-based AuthN with SSTP (SSL) tunnel type, can A and B be peered?

Questions based on the above:

  1. Do we have to do an S2S peering setup between A and B with manual routing for each to access any resource from A to B and vice versa?
  2. What are the limitations of this setup, and the advantages (if any)?
  3. Will it be called a Hybrid solution?

1 Answer


If you have two VPN gateways in Azure, you could configure VNet-to-VNet connections to connect the Azure VNets to each other. You don't need manual routing. VNet-to-VNet supports connecting virtual networks. Connecting multiple Azure virtual networks together doesn't require a VPN device unless cross-premises connectivity is required.

When you connect a virtual network to another virtual network with a VNet-to-VNet connection type (VNet2VNet), it's similar to creating a Site-to-Site IPsec connection to an on-premises location. Both connection types use a VPN gateway to provide a secure tunnel with IPsec/IKE and function the same way when communicating. However, they differ in the way the local network gateway is configured.

When you create a VNet-to-VNet connection, the local network gateway address space is automatically created and populated. If you update the address space for one VNet, the other VNet automatically routes to the updated address space. It's typically faster and easier to create a VNet-to-VNet connection than a Site-to-Site connection.

You could read the document for more details.
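The VNet-to-VNet setup described in the answer, sketched with the Azure CLI as an added example (not part of the original answer). The resource group, gateway names and regions are assumed placeholders, both gateways are assumed to be route-based and in the same resource group, and the key-length floor is this example's own policy.

```shell
#!/bin/sh
# Added example: link two existing Azure VPN gateways with a VNet-to-VNet
# (Vnet2Vnet) connection. All names and regions are assumed placeholders.

# connect_one_way RG GW_FROM GW_TO LOCATION_OF_GW_FROM KEY
# Creates one direction; passing --vnet-gateway2 makes the type Vnet2Vnet.
connect_one_way() {
    az network vpn-connection create \
        --resource-group "$1" \
        --name "$2-to-$3" \
        --vnet-gateway1 "$2" \
        --vnet-gateway2 "$3" \
        --location "$4" \
        --shared-key "$5"
}

# connect_vnets RG GW_A LOCATION_A GW_B LOCATION_B KEY
# The IPsec/IKE tunnel only comes up once BOTH directions exist and use
# the same pre-shared key. No route tables or local network gateways are
# created here: Azure populates the remote address space itself.
connect_vnets() {
    # Example policy (not an Azure limit): refuse short pre-shared keys.
    if [ "${#6}" -lt 32 ]; then
        echo "shared key must be at least 32 characters" >&2
        return 1
    fi
    connect_one_way "$1" "$2" "$4" "$3" "$6" &&
    connect_one_way "$1" "$4" "$2" "$5" "$6"
}

# connection_status RG CONNECTION_NAME  -> e.g. Connected / NotConnected
connection_status() {
    az network vpn-connection show --resource-group "$1" --name "$2" \
        --query connectionStatus --output tsv
}

# Only touches Azure when invoked with --apply.
if [ "${1:-}" = "--apply" ]; then
    KEY=$(openssl rand -hex 32)   # random 64-character pre-shared key
    connect_vnets rg-demo gwA westeurope gwB northeurope "$KEY" &&
    connection_status rg-demo gwA-to-gwB
fi
```

The status can take a few minutes to change to `Connected` after both directions are created.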