Jay Thomas asked:

Azure VPN question

Hello,

Am I able to set up a point-to-site VPN from my lab to Azure in order to extend my lab's domain to Azure? I don't or can't use a site from my lab, so wondering what my options are? I have Azure sub
Thank you
Cliff Galiher

What do you mean you don't or can't use a site? The basic conditions for a VPN are the same, regardless of whether it is point to point, point to site, or site to site. So that sort of doesn't make sense.
ASKER CERTIFIED SOLUTION
J0rtIT

Jay Thomas (ASKER)

Thank you both. So from my lab, I'm right in thinking I can't opt for site to site? I thought there was an approved list of gateway devices, whereas I am using my Virgin router.
Yes, there is a list, look here: https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-vpn-devices

Look for your Virgin router, but I have never heard of them.
The standards for VPN are pretty well established. You don't have to use a validated device (your use of the word approved implies you would), but a validated device has been tested to meet certain criteria and is therefore beneficial for people who are shopping and want guaranteed compatibility.
Perhaps I can rephrase. I cannot use site-to-site from a home lab. So, my question. If I create a point-to-site connection, will this be enough to extend my lab domain to Azure by way of deploying a domain controller to Azure? Thank you.
Probably not. Point to site is exactly that. But what you describe about wanting to extend your lab (multiple machines implied) is a site to site. Which circles back to my initial statement that your question didn't entirely make sense. Why can't you do a site to site?
Not exactly, the point-to-site connection is just to connect punctually to the Azure virtual network and do some work, but if you need any resource on the Azure virtual network side, you would need to manually connect to the point to site, work and then disconnect. It works for people that are outside the network and that require access to the Azure resources (VM (DC, DB, etc.), storage, etc.), but it's not meant to be a permanent solution.

But if you can pay the pain of connecting and disconnecting, it's worth the test. But remember that to get connected to the Azure VM you need to enable the VPN before accessing any service; for this reason it is not viable to create a DC in Azure and try to access it using Point2Site, because the domain controller won't be accessible until you're logged in and connected to the VPN.
Many thanks. After spending the last 3 hours reading about Azure VPN, I realise I didn't have the experience to ask a proper question - so, well done for attempting :) I have now set up my P2S connection and am further down the learning trail.
I'm glad to help