Azure - Can we do role-based route permissions or user controls on P2S VPN?

Marek Kurowski 21 Reputation points
2021-08-17T14:39:10.467+00:00

I was wondering if it is possible to control Azure P2S user access to specific subnets by matching UserID/AD group and then, based on that, controlling either the routes the VPN users receive or modifying ACL/FW policies somewhere in Azure? I heard maybe via XML files pushed to users based on AD groups?

Azure VPN Gateway

1 answer

  1. TravisCragg-MSFT 5,681 Reputation points Microsoft Employee
    2021-08-19T20:17:10.62+00:00

    Unfortunately, this is not possible. If you want to restrict access to resources, your best bet is to do so with Identity controls.

    This might be possible with some custom code, but I would not recommend securing access to resources by not adding routes.
