2

Is it possible to set up a failover site to site VPN tunnel in Azure?

I have one tunnel already established to local network "MyLocalNet". I want to set up a second tunnel with a different endpoint but the same local network. Is this possible? If so, can I configure some kind of traffic priority for one tunnel over the other?

blizz
  • 1,134
  • 1
  • 26
  • 47

2 Answers2

3

Nope.

There are no settings for creating metrics and traffic priorities, you're also stuck with Dynamic Routing so all the prioritizing is done in the background.

This means that you cannot connect different endpoint to the same range of a local network. it is even stated in "Requirements and considerations" page under the Vnet VPN Documentation.

Redundant tunnels between a pair of virtual networks are not supported.

https://azure.microsoft.com/documentation/articles/virtual-networks-configure-vnet-to-vnet-connection/

Edit

Here's a better answer:

Can I configure multiple tunnels between my virtual network and my on premises site using multi-site VPN?

No, redundant tunnels between an Azure virtual network and an on premises site is not supported.

https://msdn.microsoft.com/en-us/library/azure/dn133803.aspx

Dene
  • 129
  • 2
Noor Khaldi
  • 3,869
  • 3
  • 19
  • 28
  • Would you please explain this - it says redundant tunnels between a pair of virtual networks is not supported. But my site to site tunnel is between my Azure virtual network and an on-premises network. Is it stated anywhere that redundant networks in this scenario are unsupported? Thanks! – blizz Apr 19 '15 at 17:00
  • Updated my Answer for this: – Noor Khaldi Apr 19 '15 at 17:15
  • Unfortunately this still doesn't describe my scenario. I am not looking to create two tunnels with the same endpoint, just two tunnels with the same local network. Each tunnel would connect to different firewalls at different IP addresses, but would use the same local network range. I couldn't find anything that prevents this possibility in the link you provided. – blizz Apr 19 '15 at 17:22
  • 2
    There's always the option to send the Azure helpdesk team a message then, although I believe that links above speaks for them selves. – Noor Khaldi Apr 20 '15 at 19:27
0

https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-highlyavailable

For anyone that comes by this post, it's now possible via BGP.

Dave Andrews
  • 1