Networking

The Networking forum covers all aspects of Networking in Azure, including endpoints, load-balancing, network security, DNS, Traffic Manager, virtual networks, and external connectivity.

Virtual Network:

  • Service overview

  • Technical documentation

  • Pricing details
  • Traffic Manager:

  • Service overview

  • Technical documentation

  • Pricing details
  • Network Watcher:

  • Service overview

  • Technical documentation

  • Pricing details
  • If you have any feedback on any aspect of Azure relating to Networking, we’d love to hear it.

    • Hot ideas
    • Top ideas
    • New ideas
    • My feedback
    1. Azure VPN Gateway as Responder (Not Initiator)

      Currently with Azure VPN Gateway we do not have an option to set it as a VPN responder, it is set as a permanent initiator - which is causing me issues when I want t'shoot my local gateway.

      I would like the option to set the Gateway as a responder only.

      37 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  VPN Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    2. Ability to connection Azure Virtual Network Gateway to AWS Transit Gateway through VPN

      Ability to connect Azure VNet to AWS VPC through Azure Virtual Network Gateway and AWS Transit Gateway through VPN connection with BGP. Found 169.x.x.x AWS use for tunnel IP in routed VPN but Azure uses it for reserved range and that causes conflict right now.

      10 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  VPN Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    3. VPN Show configuration

      Ability to see COMPLETE configuration of the VPN connection. See all the parameters of Phase 1 and 2, hash and encryption algorithms, PFS, DPD, SA, etc.

      12 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  VPN Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    4. VPN Debug

      Ability to execute a debug on the VPN Azure (Conecction - Local Network Gateway) and be able to see the logs in real time of traffic between the peers of vpn. For example, why a phase 1 or 2 is failing, why encryption domain matches or not, etc. Like a VPN onpremise do. Talking to the azure support team, they tell us that there is currently a way to do it, but only is allowed for the support team, not for azure users. Which makes losing a lot of time lifting a ticket, just to see a debug.

      12 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  VPN Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    5. WireGuard VPN protocol in Azure VPN PaaS

      Add WireGuard as a VPN protocol in the Azure VPN PaaS offering.

      27 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  VPN Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    6. Improve user experience for BGP Route Advertisement Limit from Azure

      There is currently an internal Azure hard limit of 200 on BGP routes advertised over a connection from an Azure virtual network. When exceeded Azure drops all routes and connectivity for the entire virtual network until the route limit falls back below 200. No error is produced and there is no simple way to query how close a connection is to this route limit.

      Any virtual network update that would result in exceeding the route limit should throw an error and there should be a way to easily determine your current route count per connection (rest/cli and portal).

      In addition,…

      4 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  VPN Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    7. Solution to Site to Site VPN with dynamic addressing in onpremises site perhaps DynDNS

      olution to Site to Site VPN with dynamic addressing in onpremises site perhaps DynDNS

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  VPN Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    8. Allow creation of your own Service Tags for use in NSGs

      Effectively allow you to create your own address group objects that can be referenced across all NSG's in any location/VNET.

      This would simplify NSG management considerably, even more than ASGs will (when they support being used across multiple VNETs)

      4 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  VPN Gateway  ·  Flag idea as inappropriate…  ·  Admin →

      Thanks for the valid suggestion. Your feedback is now open for the user community to upvote which allows us to effectively prioritize your request against our existing feature list and also gives us insight into the potential impact of implementing the suggested feature

    9. Enable Auto-Reconnect for Point to Site Azure VPN connections

      I have not seen this exact suggestion prior so am adding what would be helpful for our users. Currently, when they connect remotely to a Shared Drive hosted on an Azure VM if the Network Gateway RAM hits peak utilization, or if the local users internet becomes interment they are kicked off the VPN connection and required to go back and connect all over again.

      This is a horrible customer experience.

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  VPN Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    10. Documentation out of date

      Can I request a Static Public IP address for my VPN gateway?
      No. Only Dynamic IP address assignment is supported.

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  VPN Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    11. Need to obtain VPN server name (FQDN) using Powershell for P2S VPN.

      As we know we it doesn’t support obtain VPN server name (FQDN) for P2S via powershell. We must utilize the download package as stated in documentation.

      Could we obtain VPN server name (FQDN) using Powershell for P2S VPN in the future?

      3 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  VPN Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    12. Azure VPN gateway should support Azure PaaS service

      Currently, Azure VPN gateway only support IaaS service, like Azure VM. We hope Azure VPN gateway can support PaaS service in near future. So that user can connect to PaaS service with its private address via VPN.

      14 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  VPN Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    13. Access to Azure SQL data base (PaaS) through P2S VPN

      I have a Customer that would like to know if this feature will be available at any time. He wants to have access to unmanaged Azure SQL database PaaS from P2S VPN

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  VPN Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    14. The bgp peer ip configured on the local gateway is advertised back to the site router via the tunnel

      Azure BGP implementation advertises a route to on-premises BGP peer IP back to the on-premises network via Azure! This should have been filtered on Azure side.

      B 10.255.254.6/32 [20/0] via 10.16.1.4, 00:03:47
      via 10.16.1.5, 00:03:47

      10.255.254.6/32 is the loopback IP address on my VPN device.
      10.16.1.4 and 10.16.1.5 are the BGP IP addresses on Azure VNET.

      Ref. case: 119060721002544

      4 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  VPN Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    15. vpn gateway slow to create

      Why does it take upwards of 30 minutes to create a vnet gateway?
      If I am doing a PowerShell script or a CI/CD deployment, the whole world stops while the VPN takes 30-odd minutes to be initialised and start. Can this please be addressed?

      86 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      planned  ·  14 comments  ·  VPN Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    16. Authentication to VPN Gateway using Azure AD

      Add option to authenticate to VPN Gateway using existing Azure AD accounts. For security reason there should be option to add a group of users allowed to use VPN.

      This should help to use Azure VPN Gateway by customers which not use local AD DS servers

      64 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      planned  ·  5 comments  ·  VPN Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    17. Allow GRE packets in Azure virtual networks for the purpose of configuring a PPTP VPN within an Azure VM

      This is to allow those who do not have access to on premises devices to be able to connect to the on premises VPN using the credentials that where provided to them. In my case site-to-site, point-to-site and other VPN connection methods offered by Azure are inadequate as they require installing or configuring something on site and I do not have access to any of the on premises resources.

      9 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  VPN Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    18. Be able to configure all aspects of S2S vpn from the MS Azure portal

      It would be helpful to be able to configure all aspects of S2S vpn from the MS Azure portal. We had to do some configuration via the powershell commands, which :
      1: was not intuitive, as the parameters weren't readily shown anywhere
      2: takes a special level of knowledge to be able to do that.

      Once we were able to make the parameters match between our Cisco ASAV on prem, and the Gateway in Azure, then everything worked, but it took some extra time to get there.

      3 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  VPN Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    19. No pricing plan for Legacy SKU on Virtual Network Gateway

      The pricing page just gives the pricing for the Basic from the Legacy SKU:
      https://azure.microsoft.com/en-us/pricing/details/vpn-gateway/

      There is no pricing for Standard or High Performance.

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  VPN Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    20. Even smaller "Dev" size of Virtual Network Gateway

      While the ability to set up a site-to-site tunnel between my local network and an Azure virtual network is a very great convenience, it's also quite the expensive convenience for the single-developer business. (If you have a VS Professional subscription, for example, you'll burn almost all of your included Azure credit on this alone.) This may be partly solved, at the cost of some overhead, by this request:

      https://feedback.azure.com/forums/217313-networking/suggestions/6169157-stop-start-virtual-network-gateway-to-don-t-pay

      ...but my first observation is that even the "Basic" size of VPN gateway is far more, at 100 Mbps and 10 S2S tunnels, than I actually require.

      How about a cut-down…

      5 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  VPN Gateway  ·  Flag idea as inappropriate…  ·  Admin →

      Thanks for the valid suggestion. Your feedback is now open for the user community to upvote which allows us to effectively prioritize your request against our existing feature list and also gives us insight into the potential impact of implementing the suggested feature

    ← Previous 1 3 4 5
    • Don't see your idea?

    Feedback and Knowledge Base