I am trying to configure an Azure endpoint from a remote site to an Azure VM. This is an alternate way of connecting in case our VPN tunnel collapses.
Here is the setup:
HQ (headquarters) Meraki MX84 has a site-to-site always-on VPN tunnel to the Meraki VMX in Azure. There are remote sites that have Meraki MX64s that route all traffic (except internet) to the HQ MX84 VPN tunnel, which then routes everything to Azure via the VMX.
We are looking to have some redundancy for the remote sites in case the HQ Meraki fails and drops the VPN tunnel to Azure. I am trying to configure a private endpoint from specific Azure resources (Azure VM to start with) to our remote sites, bypassing the entire Meraki VPN tunnels and going directly to Azure from the remote sites.
My first step, I believe, is to set up the endpoint in Azure. I want to ensure no external traffic is allowed into the resource (VM) that I'm setting up the endpoint on, except for the remote site traffic that would go through the VPN tunnel.
Unfortunately, I don't have a network diagram, but in a nutshell, I'm trying to set up a private endpoint for an Azure resource that traffic from my remote site will go to.
Hope this makes sense.