Adding VPN Connection to Expressroute Gateway

Son 311 Reputation points
2024-01-12T13:19:39.6566667+00:00

Hi,

We currently have a configured and working Express Route in our hub VNet which is running on a VNet Gateway type of ExpressRoute.

I need to add a S2S VPN to the gateway so that one of our non-connected companies can connect to a server in one of our spokes. This company is unable to use the ExpressRoute as they are not on our MPLS network on-premises.

Is it a simple case of adding a new VPN Connection to the gateway?

Below are some of our specs of the gateway:

  • Gateway subnet: /26
  • Gateway type: ExpressRoute
  • SKU: ErGw1AZ
  • Active-active mode: Disabled
  • Configure BGP: Disabled

Reviewing this article makes it seem like it would be a simple enough config of the VPN as we have a sufficient length GatewaySubnet:

https://video2.skills-academy.com/en-us/azure/expressroute/how-to-configure-coexisting-gateway-portal#to-configure-coexisting-connections-for-an-already-existing-vnet

Thanks!


Accepted answer
  1. ChaitanyaNaykodi-MSFT 24,231 Reputation points Microsoft Employee
    2024-01-13T02:40:23.1733333+00:00

    @Son

    Thank you for reaching out.

    I understand you wish to configure a co-existing S2S VPN with your ExpressRoute connections.

    As the Gateway subnet size is /26, yes, you just need to add an additional virtual network gateway of type VPN as shown here. Just take note of the following points:

    • The GatewaySku is only supported for VpnGw1, VpnGw2, VpnGw3, Standard, and HighPerformance VPN gateways.
    • The VpnType must be RouteBased
    • If you want to enable connectivity between one of your local networks that is connected to ExpressRoute and another of your local networks that is connected to a site-to-site VPN connection, you need to set up Azure Route Server.
    • ExpressRoute co-existence with VPN gateway is supported, but only for IPv4 traffic. IPv6 traffic isn't supported for VPN gateways.

    Hope this helps! Please let me know if you have any additional questions. Thank you!


    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

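The steps the accepted answer describes, as an added Az PowerShell example that is not part of the original thread: it checks the GatewaySubnet size, adds a RouteBased VPN gateway beside the existing ExpressRoute gateway, and creates the S2S connection. All resource names, the region, the partner IP and prefix, and the public IP settings are assumptions.

```powershell
# Added example. Names, region and addresses are placeholders, not values from the thread.
$rg       = 'rg-hub'          # hypothetical resource group
$vnetName = 'vnet-hub'        # hypothetical hub VNet that holds the ExpressRoute gateway
$location = 'westeurope'      # hypothetical region
$peerIp   = '203.0.113.10'    # constructed: partner VPN device public IP (documentation range)
$peerCidr = '192.0.2.0/24'    # constructed: list only the partner prefixes that need access

$vnet   = Get-AzVirtualNetwork -Name $vnetName -ResourceGroupName $rg
$subnet = Get-AzVirtualNetworkSubnetConfig -Name 'GatewaySubnet' -VirtualNetwork $vnet

# Pre-flight: Microsoft's coexistence guidance asks for a GatewaySubnet of /27 or larger.
# The /26 quoted in the question passes this check.
$prefix = $subnet.AddressPrefix | Select-Object -First 1
$length = [int](($prefix -split '/')[1])
if ($length -gt 27) { throw "GatewaySubnet $prefix is smaller than /27." }

# Public IP settings are an assumption; use what your chosen SKU and region require.
$pip = New-AzPublicIpAddress -Name 'pip-vpngw' -ResourceGroupName $rg `
    -Location $location -AllocationMethod Static -Sku Standard
$ipconf = New-AzVirtualNetworkGatewayIpConfig -Name 'vpngw-ipconf' `
    -SubnetId $subnet.Id -PublicIpAddressId $pip.Id

# Second gateway in the same GatewaySubnet: type Vpn, RouteBased, SKU from the answer's list.
$gwArgs = @{
    Name              = 'vpngw-hub'
    ResourceGroupName = $rg
    Location          = $location
    IpConfigurations  = $ipconf
    GatewayType       = 'Vpn'
    VpnType           = 'RouteBased'
    GatewaySku        = 'VpnGw1'
}
$vpnGw = New-AzVirtualNetworkGateway @gwArgs

# The local network gateway represents the partner site; keep its prefixes narrow.
$lng = New-AzLocalNetworkGateway -Name 'lng-partner' -ResourceGroupName $rg `
    -Location $location -GatewayIpAddress $peerIp -AddressPrefix $peerCidr

# Prompt for the pre-shared key so it is not stored in the script or shell history.
$secure = Read-Host -Prompt 'Pre-shared key' -AsSecureString
$psk    = [System.Net.NetworkCredential]::new('', $secure).Password

New-AzVirtualNetworkGatewayConnection -Name 'cn-partner-s2s' -ResourceGroupName $rg `
    -Location $location -VirtualNetworkGateway1 $vpnGw -LocalNetworkGateway2 $lng `
    -ConnectionType IPsec -SharedKey $psk | Out-Null
```

Gateway creation is a long-running operation, so the script blocks at `New-AzVirtualNetworkGateway` until the deployment finishes.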
