Managing VPN tunnel after office hours

CHIA WAI YONG 20 Reputation points
2023-07-06T03:37:21.3033333+00:00

I have created a site-to-site vpn tunnel but want it to be disabled after office hours to save some costs.

Any recommendations on how to cut cost regarding the vpn tunnel?

Also saw some other posts where there is a way to delete and recreate the vpn gateway via ARM templates or Terraform. is there a guide for this?

Azure VPN Gateway
Azure VPN Gateway
An Azure service that enables the connection of on-premises networks to Azure through site-to-site virtual private networks.
1,618 questions
{count} votes

Accepted answer
  1. KapilAnanth-MSFT 48,411 Reputation points Microsoft Employee
    2023-07-06T05:58:06.05+00:00

    @CHIA WAI YONG

    Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.

    I understand that you would like to keep the costs of using a VPN Gateway to minimum.

    I wouldn't suggest creating and deleting a VPN Gateway daily as a good option.

    The best way is to make sure you select an SKU at better matches your requirement.

    You can still go ahead with deleting and recreating the VPN Gateway everyday.


    Please don’t forget to close the thread by clicking "Accept the answer" wherever the information provided helps you, as this can be beneficial to other community members.

    0 comments No comments

1 additional answer

Sort by: Most helpful
  1. RevelinoB 3,440 Reputation points
    2023-07-06T04:37:37.9333333+00:00

    Hi Chia,

    Thanks for reaching out, certainly to cut costs regarding your site-to-site VPN tunnel, you have a few options:

    • Automated shutdown: Configure an automated process to shut down the VPN tunnel during non-office hours and reactivate it when needed. This can be achieved using scripting or automation tools like Azure Logic Apps or AWS Lambda functions. By disabling the VPN tunnel during off-hours, you can significantly reduce costs.
    • Reserved Instances: Check if your cloud provider offers reserved instances or reserved VPN connections. These programs allow you to commit to a longer-term contract in exchange for discounted rates. By committing to a reserved instance, you can save costs compared to using on-demand resources.

    Traffic routing optimization: Review your network traffic patterns and optimize the routing of data. If possible, direct non-critical traffic over the public internet instead of going through the VPN tunnel. This can help reduce the amount of data transmitted over the VPN, resulting in lower costs.

    Regarding deleting and recreating the VPN gateway using ARM templates or Terraform, both options can be used for infrastructure provisioning and management. Here's a general guide on using these tools:

    ARM Templates:

    • Start by creating an ARM template that defines your VPN gateway and associated resources (virtual network, subnets, etc.).
    • Use the Azure portal, Azure CLI, or PowerShell to deploy the ARM template and provision the VPN gateway.
    • To delete and recreate the VPN gateway, you can update the ARM template or create a new template with the desired changes.
    • Use the appropriate deployment method (portal, CLI, PowerShell) to redeploy the ARM template and recreate the VPN gateway.

    Terraform:

    • Install and configure Terraform on your local machine.
    • Create a Terraform configuration file (usually named main.tf) that describes the desired state of your VPN gateway and related resources.
    • Run terraform init to initialize your Terraform project.
    • Use terraform apply to provision the VPN gateway based on your configuration.
    • To delete and recreate the VPN gateway, modify your Terraform configuration file and run terraform apply again to apply the changes.

    Be aware that the exact steps and commands may vary based on your cloud provider and the specific details of your VPN setup. It's recommended to refer to the official documentation and guides provided by your cloud provider for detailed instructions on deploying, managing, and deleting VPN gateways using ARM templates or Terraform.

    I hope this answers your query?

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.