Failover between two site to site VPN tunnels configured with Azure VPN GW Private IP address and Public IP address

Raviraj Velankar 91 Reputation points
2022-08-09T12:05:02.683+00:00

Following is scenario

There is site to site VPN tunnel established between Azure VPN GW (using Private IP address) and On-premise VPN GW (using private IP address) through Express Route Private peering circuit.
There is another site to site VPN tunnel established between Azure VPN GW (using Azure VPN GW Public IP address) and On-premise VPN GW (using On-premise VPN GW public IP address) over Internet
Whether it is possible to configure these two tunnels as active-standby and if there is a third party NVA in hub virtual network then how to add routes in NVA for these two tunnels which will act as active -standby

Azure VPN Gateway
Azure VPN Gateway
An Azure service that enables the connection of on-premises networks to Azure through site-to-site virtual private networks.
1,516 questions
0 comments No comments
{count} votes

Accepted answer
  1. KapilAnanth-MSFT 44,556 Reputation points Microsoft Employee
    2022-08-10T06:09:00.26+00:00

    Hi @Raviraj Velankar ,

    Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.
    I understand that you are trying to establish an Active-Passive Tunnel between Azure and OnPrem, one via Private IP and other via Public IP.

    It is possible to deploy Site-to-Site VPN connections over ExpressRoute private peering at the same time as Site-to-Site VPN connections via the Internet on the same VPN gateway.
    Refer : https://learn.microsoft.com/en-us/azure/vpn-gateway/site-to-site-vpn-private-peering

    The below article talks about your scenario.

    The OnPrem VPN 1 represents your Public IP and OnPrem VPN 2 is your Private IP.

    In case you have an NVA in the Hub Vnet,

    Feel free to let me know if you have any follow-up queries on the above.

    Cheers,
    Kapil.


0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.