We currently have a resource group in Azure comprised of 3 VMs in a Virtual Network, which we manage on behalf of a client. Until recently, we used a policy-based VPN gateway to connect to this network, which worked fine. The next step was to set up a tunnel (site-to-site VPN connection) to establish connectivity between Azure and our client’s on-premises network. After several days of unsuccessful attempts, we found that the tunnel seemed to be in a perpetual state of “Connecting…” but never actually connected.
After a bit of research and escalating the issue, we learned that a policy-based VPN gateway in Azure cannot have more than one connection. This is problematic because we need to have two connections into the Virtual Network: we need to have permanent site-to-site connectivity to our client’s facilities, but also need a point-to-site connection so we can periodically connect and administer the VMs, software, databases, etc.
As a temporary workaround, our client’s network admin created a VPN user account for us so that we could connect to the Azure environment through their VPN gateway. While this workaround technically worked, it’s painfully slow and the latency is awful, resulting in timeouts and frequent disconnections from our remote desktop sessions, so in practice we cannot continue with this.
We understand that if we abandon our current policy-based VPN gateway and switch to a route-based one, we could configure both VPN connections (a site-to-site tunnel for our client *and* a point-to-site VPN connection for use by a small number of people in my organization). We don’t have the knowledge or expertise to do this. Time is of the essence, and we need to get these connectivity issues sorted by the end of business tomorrow (Friday).
If you’re a network engineer and have experience working in Azure and are able to resolve our issues within the next 24 hours, please reply to this posting. Thank you!
Project Type: One-time project