Networking

The Networking forum covers all aspects of Networking in Azure, including endpoints, load-balancing, network security, DNS, Traffic Manager, virtual networks, and external connectivity.

Virtual Network:

  • Service overview

  • Technical documentation

  • Pricing details
  • Traffic Manager:

  • Service overview

  • Technical documentation

  • Pricing details
  • Network Watcher:

  • Service overview

  • Technical documentation

  • Pricing details
  • If you have any feedback on any aspect of Azure relating to Networking, we’d love to hear it.

    • Hot ideas
    • Top ideas
    • New ideas
    • My feedback
    1. Allow traffic across a VPN for management and utilization of the Azure DB SaaS (SQL) solution.

      I found many who would like this functionality, to be able to manage the SQL SaaS in Azure through a VPN connected VNet and associated service endpoint on the VNet. Allow what is being described as not available currently below, via a support ticket submitted to Microsoft:

      With Azure SQL Database being a public endpoint and not existing within a Subnet the overall NAT’ing process of traffic from the Azure SQL DB back to the on prem clients is not possible across a VPN. The only method is what was described which is to use some form of jumpbox inside…

      3 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  VPN Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    2. Azure VPN gateway config needs to provide more control over the VPN client settings.

      The standard Windows 10 VPN native client has some important features such as preventing split tunnel that are not accessible for the client that gets downloaded when I set up the VPN using the Azure VPN GW. For instance, for compliance with NIST 800-53 we MUST disable split tunnel. That is possible with other/physical VPN gateways but not with the Azure VPN gateway. We need this feature to allow us to be compliant.

      13 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  VPN Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    3. Improve Point-to-Site VPN to support Windows 10 (2015 LSTB)

      We can't configure Point-to-Site VPN from Windows 10 (2015 LSTB) endpoint even when we apply the latest hotfix to the Windows 10 (2015 LSTB) endpoint.
      The error is 812 (The connection was prevented because of a policy configured on your RAS/VPN server).

      It would be great if we could configure Point-to-Site VPN from Windows 10 (2015 LSTB) endpoint.

      3 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  VPN Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    4. peering

      Allow VPN connection to transit between multiple levels of peering

      To allow for hub-spoke-hub architecture described here: https://docs.microsoft.com/en-us/azure/architecture/reference-architectures/hybrid-networking/shared-services

      and allow the VPN connection to be shared through to lower level hubs.

      12 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  VPN Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    5. there should be S2S tunnel continuous monitoring feature.

      there should be S2S tunnel continuous monitoring feature. As we have established more than 5 tunnel but there is no automation available currently, we have to rely on manual network watcher.

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  VPN Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    6. Site to site VPN passwords are not able to hide. Its showing in pleain text. Please help us ASAP.

      Site to site VPN passwords are not able to hide. Its showing in pleain text. Please help us ASAP.

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  VPN Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    7. 1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  VPN Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    8. Enable support for RADIUS authentication when VpnClientProtocol set to OpenVPN

      It appears that the recent public preview of OpenVPN protocol for P2S only supports Certificate Authentication. We would like to continue to use RADIUS authentication for our P2S clients.

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      1 comment  ·  VPN Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    9. VPN Gateway Fail Over

      Requesting a DR feature for VPN Gateways to provide better recovery from datacenter disasters.

      We plan to have dozens of VPN Gateways to a specific data center. In a disaster scenario we need a way for these gateways to fail over to a backup region where our VMs will fail to.

      4 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      1 comment  ·  VPN Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    10. Allow Azure Basic VPN Gateway to connect from OpenVPN client

      Allow Azure Basic VPN Gateway to connect from OpenVPN client

      If deploy VPN Gateway and follow this instruccions [1], Azure Powershells shows this error:

      Set-AzureRMVirtualNetworkGateway: Vpn Client protocol OpenVPN is not supported for basic Sku Gateway [..]

      [1] https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-openvpn

      7 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      2 comments  ·  VPN Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    11. 1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      1 comment  ·  VPN Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    12. When creating a VPN Gateway Connection, create an error when the password doesn't meet the password requirements.

      When you create a new VPN gateway connection, if you enter a password that doesn't meet the password restrictions (no special character), you can still create the connection and not know that there is an issue.

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  VPN Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    13. Add activity logs events for failover and update of a virtual network gateway

      Currently, a VNG can be updated and fail-over (or, in our case, just plain fail) without any information for the end user. Updates and failover events should appear in the activity log so the end user has a chance of determining why users are disconnected or why the VPN is not working.

      3 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  VPN Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    14. Add DHCP address Pool options to the Point-to-Site VPN

      When I connect to the P2S vpn I need to be able to set an an address pool. Right now when I connect there is nothing to determine the addressing besides defining a subnetmask. However the addresssing starts at (0) so when I connect to the VPN I will be assigned example 192.168.1.0 as my IP address. I am able to connect to the Azure Network Gateway, But I am not able to connect to any Site-2-Site connections I have connected to Azure.

      15 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      2 comments  ·  VPN Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    15. Microsoft.Network/virtualNetworkGateways provision so longgggggggggggggggggggggggggg

      Hi currently in our project we heavily using Azure Resource

      And with current implement we using ARM template and powershell to provisioning all kind of resource. So I notice that with normal resource it only take around few second to 2 or 3 minute to finish except

      Microsoft.Network/virtualNetworkGateways
      It sometime take up to 1 hour to provision and it is like a pain in my *** that I really don't know why. Can someone so me a way to reduce provision time for Microsoft.Network/virtualNetworkGateways or explain for me in detail way why it take so much time to provision?

      6 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  VPN Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    16. About VPN gateway DNS

      Can VPN gateway push a new DNS server address to client when the client connected

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      need-feedback  ·  2 comments  ·  VPN Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    17. pls put the two powershell scripts together

      today I made the mistake to execute the one, then missed the point for the client certificate creation and finally the VPN client did not find it.
      The evening I read the article again... the text descriptoin obfuscates this a bit, it only says "same powershell sessoin" or something, but just throwing both of them in powershell IE and execute them together got me to the goal.

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      1 comment  ·  VPN Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    18. Notification of the change of VPN Gateway FQDN

      I've found change of VPN Gateway FQDN from "cloudapp.net" to "vpn.azure.com" without notification.
      And this caused that P2S connection was denied on our proxy server because the server had allowed only old FQDN "cloudapp.net".
      It takes time to add new FQDN to proxy server,
      so I want you to notify us before the change like this.

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      1 comment  ·  VPN Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    19. Authentication to VPN Gateway using Azure AD

      Add option to authenticate to VPN Gateway using existing Azure AD accounts. For security reason there should be option to add a group of users allowed to use VPN.

      This should help to use Azure VPN Gateway by customers which not use local AD DS servers

      69 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      planned  ·  6 comments  ·  VPN Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    20. could you please update the script for Cisco ASA as i see many bugs and many are having hard time in establishing the tunnel with azure

      could you please update the script for Cisco ASA as i see many bugs and many are having hard time in establishing the tunnel with azure with many ASA models and OS versions below 9.8.2

      please confirm the which IKE parameters for a connection works for stable IKeV2 route based tunnel with policy based TS enabled. I see many times the tunnel which is good for many days abruptly goes down all of a sudden with out any changes being made. Appreciate your help.

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      under review  ·  2 comments  ·  VPN Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    • Don't see your idea?

    Feedback and Knowledge Base