2

My application is hosted in Windows Azure. I have partnered with enterprise to offer service to their customers. However , they require VPN connection between us (in the cloud) and their enterprise application. What is the best way to do this? Installing software on their machine is not an option.

David Makogon
  • 69,407
  • 21
  • 141
  • 189
Allan Rwakatungu
  • 1,097
  • 1
  • 11
  • 17
  • Does it definitely have to be a VPN? What kind of traffic are you wanting to send between Azure and On Premise? Can service bus help instead? – David Steele Jun 29 '11 at 22:54
  • To put this in context - we shall be exchanging payment information between us and partner (whose IT service and policy i have no control over). They will only expect messages from an IP I provide them and will also only expect to send messages to my IP. Am not sure how the service BUS will be useful here - – Allan Rwakatungu Jul 03 '11 at 08:01

3 Answers3

3

Windows Azure now has a Virtual Network, announced as part of the Spring 2012 release. It lets you connect your on-premises network to Windows Azure via IPSEC, and takes advantage of your on-prem hardware VPN device.

Summary information here, and tutorials here.

David Makogon
  • 69,407
  • 21
  • 141
  • 189
0

Windows Azure Connect allows you to setup an IPSec tunnel between your Azure application and a local network. See:

https://azure.microsoft.com/en-us/services/virtual-machines/

and

http://azure.microsoft.com/documentation/articles/vpn-gateway-point-to-site-create/

Dene
  • 578
  • 5
  • 9
Jonathan McIntire
  • 2,665
  • 23
  • 26
  • You're correct that this is the only way to create a VPN with Azure at the moment, but it does fail on the "Installing software on their machine is not an option" part of the question. – knightpfhor Jun 29 '11 at 21:54
  • I somehow missed that part of his question. :) In the future, it will be possible to establish a VPN connection without installing any software. This presentation alludes to that: http://uktechdays.cloudapp.net/techdays-live/connecting-the-windows-azure-network-to-your-corporate-network-tuesday-24th.aspx – Jonathan McIntire Jun 29 '11 at 22:12
  • 1
    1. Rent an external host. 2. Set up Azure Connect between Azure and said external host. 3. Install VPN server software on the virtual host. 4. User VPNs to virtual host, and from there packets tunnel through to Azure, assuming VPN set up as default route for all packets. You will somehow need to get names working too, as the addresses of your Azure servers will change. Perhaps they can get the IPv6 address from a web service you run on your external host. – Oliver Bock Jun 29 '11 at 22:44
0

As Azure roles accepts only http/https ant tcp connections "classic" IPSec or PPTP is not an option.

Az Azure roles are Windows Server 2008/R2 you can configure SSTP connection to Azure with startup script or cutom VM Role.

Azure roles has random internal IPs so you'll have to deal with IP resolving too.

Matej
  • 7,517
  • 2
  • 36
  • 45