I've set up an Azure Firewall (premium) successfully, including route tables and linked VNETs, and configured the firewall rules. Everything is working well so far. I now have a Virtual Network Gateway (VNG) that connects my office through a Site-to-Site VPN and another Azure VPN using the same VNG. I'm wondering if I actually need a Virtual Hub. Additionally, how can I ensure that the VNG traffic passes through the Azure Firewall? Is achieving this the main purpose of a Virtual Hub? Also, are Virtual WAN and Virtual Hub connected concepts? I'm feeling a bit confused about all of this.
3 Answers
I usually go for Virtual WAN if my setup requires more VPN connections than what an Azure VPN Gateway can support. If you're working with a distributed company that has multiple sites, then the Virtual WAN could really be beneficial. It's just a matter of scaling your connections effectively.
Yeah, it sounds like you might just need to focus on your existing setup. The Virtual Hub can be useful, but it really depends on your organization's size and needs. If it's just a small number of connections, stick with what you have for now!
You don't actually need a Virtual Hub to get things working. You can just route traffic from your gateway subnet directly to your firewall. The Virtual WAN and Virtual Hub are more relevant for large-scale, globally distributed networks. If you have multiple on-premises sites in different locations, then a Virtual WAN can simplify routing a lot, though it might mean giving up some control. It's geared more towards bigger organizations with complex needs.
Thanks for the advice! I think I’ll keep it simple for now.
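The last answer's approach (a route table on the gateway subnet that points at the firewall) can be checked offline; the following is an added example, not code from the thread, that audits such a route table for spokes whose VPN traffic would still bypass the firewall. The firewall IP, spoke prefixes and route names are constructed sample values, the spokes are assumed to be peered to the VNet that holds the gateway, and the route fields follow the JSON shape returned by `az network route-table route list`.

```python
import ipaddress

# Constructed sample values (assumptions, not from the original thread).
FIREWALL_IP = "10.0.1.4"  # private IP of the Azure Firewall in the hub VNet
SPOKE_PREFIXES = ["10.1.0.0/16", "10.2.0.0/16", "10.3.0.0/16", "172.16.0.0/16"]
# Routes in the table associated with GatewaySubnet.
GATEWAY_SUBNET_ROUTES = [
    {"name": "to-spoke1", "addressPrefix": "10.1.0.0/16",
     "nextHopType": "VirtualAppliance", "nextHopIpAddress": "10.0.1.4"},
    {"name": "to-rfc1918", "addressPrefix": "10.0.0.0/8",
     "nextHopType": "VirtualAppliance", "nextHopIpAddress": "10.0.1.4"},
    {"name": "to-spoke3", "addressPrefix": "10.3.0.0/16",
     "nextHopType": "VirtualAppliance", "nextHopIpAddress": "10.0.1.5"},
]

def audit_gateway_routes(routes, spoke_prefixes, firewall_ip):
    """Classify each spoke prefix by what the GatewaySubnet routes do to it.

    Azure selects the longest matching prefix first and prefers a user-defined
    route over a system route only when both prefixes are identical, so a
    broader UDR loses to the peering system route for the spoke address space.
    A UDR narrower than the spoke covers only part of it and is not counted.
    """
    parsed = [(ipaddress.ip_network(r["addressPrefix"]), r) for r in routes]
    report = {}
    for prefix in spoke_prefixes:
        spoke = ipaddress.ip_network(prefix)
        exact = [r for net, r in parsed if net == spoke]
        broader = [r for net, r in parsed
                   if net != spoke and spoke.subnet_of(net)]
        if exact:
            r = exact[0]
            via_fw = (r["nextHopType"] == "VirtualAppliance"
                      and r.get("nextHopIpAddress") == firewall_ip)
            report[prefix] = "inspected" if via_fw else "wrong-next-hop"
        elif broader:
            report[prefix] = "shadowed-by-peering-route"
        else:
            report[prefix] = "no-route"
    return report

if __name__ == "__main__":
    result = audit_gateway_routes(GATEWAY_SUBNET_ROUTES, SPOKE_PREFIXES, FIREWALL_IP)
    for prefix, status in result.items():
        print(f"{prefix:15} {status}")
```

The spoke subnets need matching routes for the on-premises prefixes back through the same firewall IP, otherwise return traffic takes a different path than the inspected one.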