Score:0

Connecting Azure Site-to-Site VPN to On-prem Gateway with 2 public IP's

in flag

I have a cisco ISR on-prem with 2 endpoints (primary and secondary) and I want to connect my Azure VPN Gateway to both endpoints through a single connection (same local address space for both IP's).

When creating an Azure local network gateway I can only enter 1 public IP address, not 2. Is there a way to connect with 2 IP's from the Azure VPN Gateway?

Thank you

Score:0
gb flag

Can't be done the way you are asking. You have a couple options. You can set up both onprem Devices to the same VPN Gateway.

Multiple on-premises VPN devices

Or, you can set up a full mesh.

Active-active VPN gateways

More details here: https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-highlyavailable#multiple-on-premises-vpn-devices

user2713516 avatar
in flag
Thanks, I see that both options require BGP, but do both options also require a redundant Azure VPN setup (either active active or active/standy) or can a single instance work as well?
Ken W MSFT avatar
gb flag
No, the first option doesn't require you to create a second VPN gateway. It is showing the default secondary VPN created by the service. Every Azure VPN gateway consists of two instances in an active-standby configuration. BC of this config, there is a brief outage as the active swap occurs. The Active-Active config can remove that swap over outage.
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.