VPN Gateway

A VPN Gateway is required to connect securely to the Azure network. It provides the endpoint for encrypted connections.


Create a VPN Gateway


To create a VPN Gateway, create a Virtual Network and add two or more Virtual Machines (VMs). These VMs are deployed in a special subnet called the GatewaySubnet. The gateway type is "vpn".

The VPN Gateway can be:

> Network to Network: from one VPN Gateway to another, to connect two networks to Azure. Also called site-to-site.

> Cross-Network: from, say, an on-premises network to Azure.

> Point to Site: from a computer to the Azure network.

For our KEI company, we will be using Site-to-Site and Point to Site. Protocols: IPSec and SSTP.


Requirements to setup a VPN Gateway


1. An Azure Virtual Network

2. Gateway Subnet

3. Virtual Network Gateway

4. Certificates

5. Client address pool

6    

  1. Configure the tunnel type

  2. Configure the authentication type

  3. Upload the root certificate public certificate data

  4. Install an exported client certificate

  5. Generate and install the VPN client configuration package

  6. Connect to Azure
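
A pre-deployment check of the address plan behind requirements 1, 2 and 5, as an added example that is not part of the original post. The function name, the sample ranges, and the /29 minimum and /27 recommended GatewaySubnet sizes (Microsoft's documented guidance, not stated on this page) are assumptions.

```python
import ipaddress

MIN_GW_PREFIX = 29          # assumption: smallest GatewaySubnet Azure accepts
RECOMMENDED_GW_PREFIX = 27  # assumption: Microsoft recommends /27 or larger


def check_vpn_address_plan(vnet_prefixes, subnets, client_pool, onprem_prefixes=()):
    """Return (severity, message) findings; an empty list means the plan is clean."""
    findings = []
    vnets = [ipaddress.ip_network(p) for p in vnet_prefixes]
    onprem = [ipaddress.ip_network(p) for p in onprem_prefixes]
    pool = ipaddress.ip_network(client_pool)

    # Requirement 2: the gateway subnet must carry the exact name "GatewaySubnet".
    gw = subnets.get("GatewaySubnet")
    if gw is None:
        findings.append(("error", "no subnet named GatewaySubnet"))
    else:
        gw_net = ipaddress.ip_network(gw)
        if not any(v.version == gw_net.version and gw_net.subnet_of(v) for v in vnets):
            findings.append(("error", f"GatewaySubnet {gw_net} is outside the VNet"))
        if gw_net.prefixlen > MIN_GW_PREFIX:
            findings.append(("error", f"GatewaySubnet /{gw_net.prefixlen} is smaller than /29"))
        elif gw_net.prefixlen > RECOMMENDED_GW_PREFIX:
            findings.append(("warning", f"GatewaySubnet /{gw_net.prefixlen} is below /27"))

    # Requirement 5: point-to-site clients get addresses from the pool, so it
    # must not collide with anything they need to route to.
    for label, nets in (("VNet", vnets), ("on-premises", onprem)):
        for net in nets:
            if pool.overlaps(net):
                findings.append(("error", f"client pool {pool} overlaps {label} range {net}"))

    # Site-to-site: on-premises ranges must not overlap the VNet address space.
    for site in onprem:
        for v in vnets:
            if site.overlaps(v):
                findings.append(("error", f"on-premises range {site} overlaps VNet {v}"))
    return findings


# Constructed sample plans (not taken from the page).
GOOD_PLAN = dict(vnet_prefixes=["10.1.0.0/16"],
                 subnets={"FrontEnd": "10.1.0.0/24", "GatewaySubnet": "10.1.255.0/27"},
                 client_pool="172.16.201.0/24", onprem_prefixes=["192.168.0.0/16"])
BAD_PLAN = dict(vnet_prefixes=["10.1.0.0/16"],
                subnets={"GatewaySubnet": "10.1.255.0/28"},
                client_pool="10.1.200.0/24", onprem_prefixes=["10.1.0.0/24"])

if __name__ == "__main__":
    for name, plan in (("good", GOOD_PLAN), ("bad", BAD_PLAN)):
        print(name, check_vpn_address_plan(**plan))
```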


Design Questions:


1. Are you going to connect via the Internet? A good connection to the Internet is enough.

2. Do you already have a VPN device that needs to be connected to? Compatibility needs to be considered.

3. Will you want multiple connections or site-to-site?


Reference:


https://docs.microsoft.com/en-us/learn/modules/configure-network-for-azure-virtual-machines/4-explore-azure-vpn-gateway
