How can we improve Azure Networking?

Stop/Start Virtual Network Gateway - to don't pay when it not in use

There are two charges related to the Azure VPN service: the compute resource charge at $0.05/hour, and the egress data volume charge. Both are based on resource consumption, Unfortunately, even if the VPN tunnels are not connected, the gateway compute resource is still being consumed and will cost ~$38 monthly!
This is not really "Pay only for what you use".

Need functionality to “STOP” (and of course "START") a gateway if the customer is certain that the gateway will not be in use.

1,538 votes
Vote
Sign in
(thinking…)
Sign in with: oidc
Signed in as (Sign out)
You have left! (?) (thinking…)
VlaR shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

88 comments

Sign in
(thinking…)
Sign in with: oidc
Signed in as (Sign out)
Submitting...
  • Chris Bailey commented  ·   ·  Flag as inappropriate

    Well, it's mid-2019 now is there an update on this? these costs are taking up half of of my MSDN account allowance

  • A Khan commented  ·   ·  Flag as inappropriate

    Yeah, my labs in Action Pack all went down coz the subscription got disabled due to the VPN gateway costs going over the spend limit!!

    What a crock. The company I work for, pays Microsoft ~$80K/year for EA. This nickle and diming does not suit Microsoft. Please have an option to pause/suspend VPN Gateway.

  • OpenVPN commented  ·   ·  Flag as inappropriate

    I was annoyed of the running cost of the Basic P2S Azure VPN Gateway SKU, even when it wasn't terminating VPN clients... close to $40 AUD which is pretty expensive given it wasn’t a highly utilized resource in my subscription.

    I decided to create an OpenVPN Access Server instance:

    https://azuremarketplace.microsoft.com/en-us/marketplace/apps/openvpn.openvpnas?tab=Overview

    Using PowerShell, I defined a large enough 30 GB Standard LRS/HDD VHD, Standard B1s VM size to keep the running cost low (it won’t run properly on the new B1ls size), also assigned a public IP, and voila.

    I can start/deallocate the VM on demand and the only cost it incurs is the storing the managed disk and static Public IP, which is relatively small in comparison to maintaining the Basic P2S Azure VPN Gateway SKU.

  • Anonymous commented  ·   ·  Flag as inappropriate

    Would like to add fuel to fire - I am trying to carry out lab work but am being hindered by the high cost of running the VPN gateway.

    100% need a power down option to save money in the same manner as virtual machines.

    This isn't really much to ask for so not sure why this has taken years to implement. It is not helped by the fact it takes 30-45 minutes to fire up a new gateway. May have to explore alternative options or look at what AWS has to offer in regards to this.,

  • Mike S commented  ·   ·  Flag as inappropriate

    Seems like it might be better to spin up your own "VPN gateway" some other way than pay for this money sucking pig. Maybe go pay for a 5 dollar per month VM on digital ocean and add an NSG that only allows tunnels from there. It also seems to me like it needs some capability to issue client certs and revoke them. I may be doing it wrong but for my use case it it seems right. Why is this so expensive, it should actually be free,

  • Pepekali commented  ·   ·  Flag as inappropriate

    Hello, any update on this functionality? This is becoming far too expensive!!!

  • Erick Correa commented  ·   ·  Flag as inappropriate

    This is a problem that I have since the beginning of the creation of virtual machines, so far I pay 150 dollars per month for 733 hours, this I have for 6 months.
    Please add this option, thanks

  • JohnL commented  ·   ·  Flag as inappropriate

    Agreed, it makes VNG a non-starter for a P2S test link for WfHome. I'll have to continue with Heath Robinson until the Start/Stop functionality is in place. :(

  • Joe commented  ·   ·  Flag as inappropriate

    Yes please on this. I just setup a VPN gateway to get access to my DevNet and the VPN is eating up most of my dev money.

  • Isaac commented  ·   ·  Flag as inappropriate

    Please give option to disable otherwise it makes no sensefir us.
    Thanks

  • Anonymous commented  ·   ·  Flag as inappropriate

    Option should be there to Stop and Start VPN Gateway. Created High Availability instance with SQL Always On with DR as secondary replica. Will Start and Stop the VMs whenever testing is required, but unfortunaltely no option for VPN gateways and ending up in paying 20k/month.

  • Evelino commented  ·   ·  Flag as inappropriate

    Completely agree, I use resources for development and test, I would shut down resources when not in use and don't pay for them. The only exception is storage, anyway I feel I should be able to shut down storage (eg ssd) and pay only for a backup fee. When I need it, I may move to ssd and pay premium.

  • Anonymous commented  ·   ·  Flag as inappropriate

    Upvoted. The single most expensive component of my test VM environment is the VNG. I would like to add that Azure forces you to use an expensive VNG to connect generic App Services to Virtual Machines. This could be accomplished using routing tables over the Azure backbone, but NO, you need to build a VPN to connect the two. I have no other VPN need other than connecting App Services to VMs, so all the other functionality is purely overhead.

  • Anonymous commented  ·   ·  Flag as inappropriate

    ALSO, the VPN connection that had been working for years suddenly stopped because MS decided to change how Cisco ASA's connected to Azure. NO ADVANCED NOTICE. Buyer beware!

  • Anonymous commented  ·   ·  Flag as inappropriate

    @AzureNetworkingTeam - It's been nine months since you claimed this was "planned." When are you going to stop shoving Azure down people's throats and start making this an affordable and useful platform. I'm ready to shut down everything in Azure and move it back on-premise. Azure is a waste of money, time, and resources. This is a PRIME example of the bait-and-switch promises MS makes to get you in Azure. Once you're in Azure or VSTS, it's nearly impossible to move back On-Premise. I'm ready for the challenge after the problems we've had.

← Previous 1 3 4 5

Feedback and Knowledge Base