Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 247
  • Last Modified:

Azure Site to Site VPN redundancy over multiple WAN links.

I'm trying to configure an Azure Site to Site VPN with redundancy over multiple WAN uplinks.

However, according to this:

https://social.msdn.microsoft.com/Forums/azure/en-US/b64107be-6a74-477f-9ed4-eed0d500b945/sitetosite-vpn-connecting-to-dual-wan-router-failover?forum=WAVirtualMachinesVirtualNetwork

This is not possible.

I've created a Route-Based VPN in Azure to a Cisco 2911 successfully. I am able to pass traffic, and I can add another S2S VPN to the same Virtual Gateway in Azure, but I cannot reference the same on-premise subnet. According to this azure document its just not possible still:

https://azure.microsoft.com/en-us/documentation/articles/vpn-gateway-multi-site/

Is there any way to make this work?

If not will AWS be able to do it? My goal is to provide redundant VPN links to cloud services hosting a backup of our DC/NPS.

Thanks for any input!
0
Gina Zing
Asked:
Gina Zing
  • 3
1 Solution
 
ArneLoviusCommented:
It is not possible to have multiple endpoints with the same subnet.

If you had PI address space that was advertised by more than one ISP (usually using BGP4 as a routing protocol) you could have redundancy across your internet connections while still using a single endpoint.
0
 
Aaron TomoskySD-WAN SimplifiedCommented:
Ive used sonicwalls to create a VPN tunnel with a secondary gateway IP to other sonicwalls and fortinet sand palo altos and it's worked fine with a secondary wan but I think this is a limitation with azure, not IPSec VPN tunnels as a whole.
0
 
ArneLoviusCommented:
@Aaron, its completely an Azure restriction
0
 
ArneLoviusCommented:
complete and concise
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now