ASR Replication

Question

ASR Replication

Handian Sudianto 6,096

Hello,

When we build ASR to replicate disk from onprem to azure, can we use private ip using site-2-site connection, or the replication can only work using internet connection?

Accepted answer

1 additional answer

Your answer

Answer 1

SadiqhAhmed-MSFT 49,326 Microsoft Employee Moderator

Hello @Handian Sudianto Thank you for posting your question on Microsoft Q&A plaform. Happy to answer any question you may have!

I see that you want to use private IP to replication your on-premise disks to Azure.

Short answer: ASR replicates data over public endpoints. For your requirement I suggest you can use Private Endpoints. Refer to the document - https://learn.microsoft.com/en-us/azure/site-recovery/azure-to-azure-how-to-enable-replication-private-endpoints

Azure Site Recovery replicates data to an Azure storage account or managed disks, over a public endpoint However, replication can be performed over Site-to-Site VPN as well. Site-to-Site VPN connectivity allows organizations to connect existing networks to Azure, or Azure networks to each other. Site-to-Site VPN occurs over IPSec tunneling over the internet, leveraging existing on-premises edge network equipment and network appliances in Azure, either native features like Azure Virtual Private Network (VPN) Gateway or 3rd party options such as Check Point CloudGaurd, Palo Alto NextGen Firewall. Replicating to Azure with site-to-site VPN is only supported when using private endpoints.

Hope this answers your question. Please write back to us if you have any further questions!

If the response helped, do "Accept Answer" and up-vote it

Handian Sudianto 6,096 Reputation points

2023-09-18T08:49:09.2533333+00:00

Hello,

If ASR already configured using public IP, can we change to use private endpoint or should we must configure from the beginning?
SadiqhAhmed-MSFT 49,326 Reputation points Microsoft Employee Moderator

2023-09-18T13:35:44.26+00:00

@@Handian Sudianto From the doc - https://learn.microsoft.com/en-us/azure/site-recovery/azure-to-azure-how-to-enable-replication-private-endpoints
SadiqhAhmed-MSFT 49,326 Reputation points Microsoft Employee Moderator

2023-09-20T09:30:53.1666667+00:00

Handian Sudianto Just checking in to see if you got a chance to see my response and if it helped, I would request you to "Accept Answer and Upvote" so that the relevancy of this post will improve when anyone in the community search for a similar query.

Answer 2

Tushar Kumar 3,371 MVP

Hi Handian Sudianto,

Azure Site Recovery replicates data to an Azure storage account or managed disks, over a public endpoint. However, replication can be performed over Site-to-Site VPN as well.

Recovery Service Vaults needs to be configured for security with Private Endpoints
No SLA and potentially higher latency
Requires an on-premises VPN device availability
Additional overhead for VPN

https://learn.microsoft.com/en-us/azure/site-recovery/site-recovery-faq#can-i-replicate-over-a-site-to-site-vpn-to-azure-

https://learn.microsoft.com/en-us/azure/site-recovery/azure-to-azure-how-to-enable-replication-private-endpoints

Please Click "Accept as answer" if this helps.

Tushar Kumar 3,371 Reputation points MVP

2023-09-18T08:57:22.11+00:00

Handian Sudianto

Best approach will be to create a seperate vault for initial testing before switching over.

Share via

ASR Replication

1 additional answer

Your answer