![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(198.4, 99%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EIA%3C/text%3E%3C/svg%3E)
Azure VPN Gateway
An Azure service that enables the connection of on-premises networks to Azure through site-to-site virtual private networks.
1,798 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(134.4, 59%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECM%3C/text%3E%3C/svg%3E)
Thank you for reaching out. I understand you wish to configure VPN in Azure so that employees can access the Azure resources via VPN tunnel.
Azure VPN Gateway supports both point-to-site (P2S) and site-to-site (S2S) VPN connections.
Site-to-site (S2S) VPN connection requires a VPN device located on-premises that has a public IP address assigned to it. This is the list of devices which have been validated for establishing site-site connections.
A point-to-site (P2S) VPN gateway connection lets you create a secure connection to your virtual network from an individual client computer. A P2S connection is established by starting it from the client computer. P2S VPN is also a useful solution to use instead of S2S VPN when you have only a few clients that need to connect to a VNet. Unlike S2S connections, P2S connections don't require an on-premises public-facing IP address or a VPN device.
Based on your questions above
So, is it possible to create a VPN solely through Azure without needing any on-premise device? Also, I'm curious about the licenses needed for this process and how much it might cost us.
If you wish to implement only P2S VPN connections, then no VPN device is required and you can connect using individual client computers. You can go through this documentation to understand more about number of P2S connections supported by Azure VPN Gateway. Remote work using Azure VPN Gateway Point-to-site documentation also can be a helpful resource here.
If you wish to implement a S2S VPN then an on-prem device will be required. The cost will be as per the 3rd party vendor selected from the devices link listed above.
Does Azure provide a virtual VPN device or server, or is the entire VPN setup in Azure done without requiring a VPN device (on-site or virtually)?
Currently Azure does not provide a virtual VPN device or server. You will have to get a VPN device listed above.
Please let me know if you have any additional questions. Thank you!
---Please "Accept the answer" if the information helped you. This will help us and others in the community as well.