I've set up an Azure Firewall (premium) successfully and configured route tables, linked my VNETs, and set up appropriate firewall rules, so everything's functioning well. Currently, we have a Virtual Network Gateway (VNG) connecting our office via a Site-to-Site VPN and an Azure VPN through the same VNG. I'm unsure if I actually need a Virtual Hub in this configuration. Additionally, how can I ensure the traffic from the VNG goes through the Azure Firewall? Does that involve the Virtual Hub? Also, I'm a bit confused about the relationship between Virtual WAN and Virtual Hub — are they connected concepts?
3 Answers
Honestly, it seems overkill unless you've got a sprawling network. If it’s just a few sites, stick with your current setup and adjust your routes accordingly. Virtual WAN is more beneficial if you're really scaling up your operations.
In my experience, I use Virtual WAN when I have more VPN connections than Azure VPN Gateway can manage. If you're part of a distributed company with multiple locations, then going with Virtual WAN could be a solid choice to simplify your network management.
You really don't need a Virtual Hub for your setup. You can direct traffic straight from the gateway subnet to your firewall. Virtual WAN and Virtual Hub do go together, but they're mainly suited for larger organizations with numerous sites because they help streamline routing, even if it reduces some control on your part.
Related Questions
Cloudflare Origin SSL Certificate Setup Guide
How To Effectively Monetize A Site With Ads