Hey everyone! I'm looking to set up an IPSec VPN in Azure to connect my on-premises network, firewall, and VMs to Azure. I have a few questions: What's the best way to go about this? Are there any common pitfalls I should watch out for? And what best practices should I follow for security and performance? Thanks in advance for your help!
2 Answers
I recommend checking the official documentation for a solid starting point. Make sure you're familiar with BGP or other dynamic routing protocols if you're planning to use them. It helps to clearly define what you want to achieve with the VPN setup too.
Static is definitely an option! Just depends on your network design.
To set this up, create a Virtual Network Gateway and a Local Gateway with your on-premises IP and firewall subnet. Then, establish the connection. Always use the most secure protocols available in your IPSec policy! Check out the detailed tutorial here: https://learn.microsoft.com/en-us/azure/vpn-gateway/tutorial-create-gateway-portal

Is dynamic routing necessary? Can't I just use a static address for my on-prem resources?
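The steps from the second answer (Virtual Network Gateway, Local Gateway, connection, IPsec policy) written out with the Azure CLI, as an added example that is not part of the original thread. It assumes the resource group, a VNet with a GatewaySubnet and the public IP already exist; every name and address, the algorithm choices, the weak-algorithm list and the 32-character key minimum are this example's assumptions.

```shell
#!/usr/bin/env bash
# Added example, not from the thread. Names and addresses are constructed.
set -eu

RG="rg-vpn-demo"; VNET="vnet-hub"; GW="vng-hub"; PIP="pip-vng-hub"
LGW="lgw-onprem"; CONN="cn-onprem"
ONPREM_PUBLIC_IP="203.0.113.10"   # on-prem firewall public IP (documentation range)
ONPREM_PREFIXES="10.50.0.0/16"    # on-prem subnets reachable through the tunnel

# Custom IPsec/IKE policy chosen for this example (assumption, not Azure's default).
# With GCM, IPsec encryption and integrity must name the same algorithm.
IKE_ENC=AES256; IKE_INT=SHA384; DH=DHGroup24
ESP_ENC=GCMAES256; ESP_INT=GCMAES256; PFS=PFS24

# Return non-zero if any chosen value is on this example's weak list.
policy_is_strong() {
  for v in "$@"; do
    case "$v" in
      DES|DES3|MD5|SHA1|DHGroup1|DHGroup2|PFS1|PFS2|None) return 1 ;;
    esac
  done
  return 0
}

# $1 = pre-shared key; the 32-character minimum is this example's assumption.
create_s2s_vpn() {
  [ "${#1}" -ge 32 ] || { echo "pre-shared key too short" >&2; return 1; }
  policy_is_strong "$IKE_ENC" "$IKE_INT" "$DH" "$ESP_ENC" "$ESP_INT" "$PFS" || return 1

  az network vnet-gateway create -g "$RG" -n "$GW" --vnet "$VNET" \
    --public-ip-addresses "$PIP" --gateway-type Vpn --vpn-type RouteBased --sku VpnGw2
  az network local-gateway create -g "$RG" -n "$LGW" \
    --gateway-ip-address "$ONPREM_PUBLIC_IP" --local-address-prefixes "$ONPREM_PREFIXES"
  az network vpn-connection create -g "$RG" -n "$CONN" \
    --vnet-gateway1 "$GW" --local-gateway2 "$LGW" --shared-key "$1"
  az network vpn-connection ipsec-policy add -g "$RG" --connection-name "$CONN" \
    --ike-encryption "$IKE_ENC" --ike-integrity "$IKE_INT" --dh-group "$DH" \
    --ipsec-encryption "$ESP_ENC" --ipsec-integrity "$ESP_INT" --pfs-group "$PFS" \
    --sa-lifetime 27000 --sa-max-size 102400000
}

# Run only when asked: VPN_PSK=... ./script.sh apply
if [ "${1:-}" = "apply" ]; then
  create_s2s_vpn "${VPN_PSK:?set VPN_PSK in the environment}"
fi
```

The on-premises firewall has to be configured with the same key and the same IKE and IPsec parameters, or the tunnel will not negotiate.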