Azure Site-to-Site VPN - Policy vs Route Based

Prescimone, Chris - Admin 1 Reputation point
2022-06-29T13:50:14.907+00:00

While working on setting up a new Azure Site-to-Site VPN connection I noticed that Standard is no longer an option in the list for either Policy or Route Based. I understand these are legacy connections by Microsoft so I am wondering if they have been removed.

The other thing I cannot create is a Policy Based VPNGw1 connection. It says that option is not supported when I go through the creation. Am I only stuck using Basic if I want to go Policy Based?

Azure VPN Gateway
Azure VPN Gateway
An Azure service that enables the connection of on-premises networks to Azure through site-to-site virtual private networks.
838 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Tchimwa Sougang 841 Reputation points Microsoft Employee
    2022-06-29T14:32:19.847+00:00

    @Prescimone, Chris - Admin Thank you for your question.

    In fact, Basic, Standard and HighPerformance are legacy VPN Gateway SKU. They are still working if you still have them, but you can't create a new VPN Gateway using those SKU beside of the Basic. Below, you have the new SKU: https://learn.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-vpn-gateway-settings#benchmark

    A Policy Based connection is only supported by the Basic SKU. You can use a Route Based VPN Gateway, and still customize the connection for your policy.
    https://learn.microsoft.com/en-us/azure/vpn-gateway/ipsec-ike-policy-howto

    No comments