Site To Site VPN Connection With Azure Traffic Manager
Will it be possible to send the traffic coming through a Site-to-Site VPN connection to Azure Traffic Manager? Please give any documentation related to this problem; I could not find any.
Azure VPN Gateway
Azure Traffic Manager
-
KapilAnanth-MSFT • 48,576 Reputation points • Microsoft Employee
2023-11-03T12:40:35.1833333+00:00 Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.
I am afraid I did not quite understand your requirement/ask.
- Azure Site To Site VPN Connection is used to provide connectivity to private resources between OnPrem and Azure
- Azure Traffic Manager is used to redirect web users (users on Internet) to resources that are located on Internet
Can you please specify what exactly your requirement is and what the end goal here is?
Cheers,
Kapil
-
Mithila Lishan • 111 Reputation points
2023-11-03T12:49:48.57+00:00 @KapilAnanth-MSFT I always appreciate your quick response.
Let's assume a scenario like this:
There is an on-premises application that needs to access APIs which are exposed through Traffic Manager.
When the on-premises application makes an API call, that API call should come from the tunnel and needs to hit Azure Traffic Manager (on-premises application --> local network gateway --> S2S VPN connection --> VPN gateway --> Azure Traffic Manager).
Did you understand the example? Will it be possible?
-
KapilAnanth-MSFT • 48,576 Reputation points • Microsoft Employee
2023-11-03T13:41:10.6533333+00:00 Thanks for the info. First, you must consider the facts that
- Traffic does not flow via Traffic Manager. Traffic Manager only redirects traffic to flow to one of the endpoints based on DNS.
- Traffic Manager only works with public endpoints. This means it can only serve DNS requests coming in from the Internet.
However, the S2S tunnel from OnPrem is used to provide access to private resources that are located in a VNET.
- Traffic Manager is not a part of your VNET.
-
Joe Carlyle • 661 Reputation points • MVP
2023-11-05T12:43:33.84+00:00 I think a Standard Load Balancer may be a better choice based on your VPN requirement. Have you considered that?
-
KapilAnanth-MSFT • 48,576 Reputation points • Microsoft Employee
2023-11-06T06:16:41.8066667+00:00 May I know if you got a chance to review my previous comment?
Please let me know if you are facing any challenges or if there are any follow-up questions, I shall be glad to address them.
Thanks,
Kapil
-
Mithila Lishan • 111 Reputation points
2023-11-06T06:58:44.2333333+00:00 Hi @KapilAnanth-MSFT, I still have not got a chance to review your answer. I will review it and inform you. Thank you so much for your reminder.
-
Mithila Lishan • 111 Reputation points
2023-11-06T10:50:00.4233333+00:00 @Joe Carlyle Thank you so much for your valuable input.
We have still not considered Standard Load Balancer.
Do you have any idea how we can use a load balancer to overcome this issue?
Or any resources, documents or diagrams that could be helpful for me?
-
Mithila Lishan • 111 Reputation points
2023-11-06T10:57:18.17+00:00 @Joe Carlyle Thank you so much for your valuable input.
We have still not considered Standard Load Balancer.
Do you have any idea how we can overcome this issue?
Any suggestions of material, architecture diagrams and ideas are really appreciated.
-
Joe Carlyle • 661 Reputation points • MVP
2023-11-06T11:12:35.3466667+00:00 The load balancing guide in the architecture center is the best place to start and work through your options, it includes scenarios examples and guides - https://learn.microsoft.com/en-us/azure/architecture/guide/technology-choices/load-balancing-overview
-
KapilAnanth-MSFT • 48,576 Reputation points • Microsoft Employee
2023-11-07T11:40:05.13+00:00 Reaching out to check if there are further queries on this.
Feel free to let us know if there are any follow-up questions, we shall be glad to address them.
Cheers,
Kapil
-
KapilAnanth-MSFT • 48,576 Reputation points • Microsoft Employee
2023-11-08T06:30:15.74+00:00 Can you please update us if the action plan provided was helpful?
Should there be any follow-up questions or concerns, please let us know and we shall try to address them.
Thanks,
Kapil
-
Mithila Lishan • 111 Reputation points
2023-11-20T05:33:46.41+00:00 Thank you so much for your follow-up, and sorry for the late reply. Please refer to my sample diagram below. I need to know the integration possibilities for the items marked 1, 2, 3 in the sample architecture diagram below; I need to implement a Site-to-Site VPN connection to items 1, 2, 3 without interrupting the already existing process.
All the app services below are accessed through public endpoints.
-
KapilAnanth-MSFT • 48,576 Reputation points • Microsoft Employee
2023-11-20T12:07:53.8066667+00:00 Your architecture is not clear.
The S2S Connection is not documented in the diagram.
If we consider,
Users ---->Web App User Interface:
- This can happen via either S2S or Internet
- If the Web App User Interface is a part of the VNET, then you can access it via S2S.
- If it is not a part of the VNET, you can only access it via Internet.
Web App User Interface ----> Traffic Manager:
- Always happens via Internet.
- Traffic Manager cannot receive traffic via Private Network.
Cheers,
Kapil
-
Mithila Lishan • 111 Reputation points
2023-11-21T03:39:47.6766667+00:00 Dear @KapilAnanth-MSFT
Please let me know the unclear places in the provided sample architecture diagram.
Yes, the S2S connection is not documented,
because I have an idea of how to create an S2S connection between one resource in the cloud and on-premises.
In this diagram there are 3 items in the cloud. I have no idea how I can route traffic coming from on-premises separately to the 3 cloud resources. Do we need to use some load balancer? Or is the virtual private network gateway capable of routing the traffic coming from on-premises to each cloud resource separately (1, 2, 3)?
-
KapilAnanth-MSFT • 48,576 Reputation points • Microsoft Employee
2023-11-22T10:05:49.5266667+00:00 Traffic Manager cannot be used to load balance traffic coming in via S2S Gateway.
"Cloud Resource" is a highly generalized term. What exact Azure resource are you referring to here?
- Again, S2S is used for providing connectivity from OnPrem to resources in Azure Virtual Network and not the entirety of Azure.
- If your "Cloud Resource" is not deployed in a VNET, you cannot access it via S2S.
Coming to your architecture,
- If your "Cloud Resource" is deployed in VNET, you can use the S2S and directly access it. E.g., a VM
- If your "Cloud Resource" is not deployed in VNET, you cannot access it via S2S directly. E.g., an Azure App Service.
Hope that makes it clear.
Cheers,
Kapil
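
The point made in this thread, that Traffic Manager only answers DNS and the data path is then decided by the address of the resolved endpoint, worked through as an added example (not code from any participant or from Microsoft). The host names, the 10.20.0.0/16 VNet prefix and all addresses are constructed sample values; 203.0.113.10 is a documentation address standing in for a public endpoint.

```python
import ipaddress

# Constructed sample data: prefixes the on-premises side routes into the S2S tunnel
# (hypothetical VNet address space).
TUNNEL_PREFIXES = ["10.20.0.0/16"]

# Constructed DNS records. The Traffic Manager name only yields a CNAME to one
# endpoint; it never carries the API traffic itself.
DNS = {
    "myapi-example.trafficmanager.net": ("CNAME", "app-west.example-apps.net"),
    "app-west.example-apps.net": ("A", "203.0.113.10"),   # public endpoint
    "vm-api.internal.example": ("A", "10.20.1.4"),        # VM inside the VNet
}

def resolve(name, records=DNS, max_hops=8):
    """Follow CNAMEs to the final A record; return (chain_of_names, ip)."""
    chain = [name]
    for _ in range(max_hops):
        rtype, value = records[name]
        if rtype == "A":
            return chain, value
        name = value
        chain.append(name)
    raise ValueError("CNAME chain too long")

def path_for(ip, tunnel_prefixes=TUNNEL_PREFIXES):
    """Decide the egress path the way a route table does: by destination prefix."""
    addr = ipaddress.ip_address(ip)
    if any(addr in ipaddress.ip_network(p) for p in tunnel_prefixes):
        return "s2s-tunnel"
    return "internet"

def trace(name):
    """Resolve a name and report which path the resulting connection takes."""
    chain, ip = resolve(name)
    return {"chain": chain, "ip": ip, "path": path_for(ip)}

if __name__ == "__main__":
    for host in ("myapi-example.trafficmanager.net", "vm-api.internal.example"):
        print(host, "->", trace(host))
```

The Traffic Manager name resolves to a public address outside the tunnel prefixes, so the call leaves via the Internet; only the name that resolves into the VNet range uses the S2S tunnel.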