Networking

The Networking forum covers all aspects of Networking in Azure, including endpoints, load-balancing, network security, DNS, Traffic Manager, virtual networks, and external connectivity.

Virtual Network:

  • Service overview

  • Technical documentation

  • Pricing details

  • Traffic Manager:

  • Service overview

  • Technical documentation

  • Pricing details

  • Network Watcher:

  • Service overview

  • Technical documentation

  • Pricing details

  • If you have any feedback on any aspect of Azure relating to Networking, we’d love to hear it.

    • Hot ideas
    • Top ideas
    • New ideas
    • My feedback
    1. Provide certificate-based authentication for S2S VPN

      Can you describe the technical reason why you decide not to offer this option when creating a s2s vpn and you offer only the phase1 pre-shared key method? The communications in Madrid HC Region are administered by Cesus and they follow directives from the Security Group of Madrid Digital (former ICM). In their form to require a s2s vpn only cert based is accepted for ipsec tunnels and without a clear technical reason it is almost impossible to negotiate an exception to shift to pre-shared key based phase 1 vpn

      2 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      1 comment  ·  VPN Gateway  ·  Flag idea as inappropriate…  ·  Admin →

      Thank you for the suggestion. The key reasons for not offering cert-based IKE authentication is due to the additional compliance requirements and validations related to handling certificates. As a result, this is currently not on the roadmap.

      If certificate-based authentication is a requirement, currently customers will need to leverage a VPN appliances available from Azure Marketplace.

      Thanks,
      Yushun [MSFT]

    2. BGP Peering IP modification on different subnet

      Hey,
      For business purpose, we wanna offer an idea of selecting peering IP from non-GW subnet while using Azure VPN BGP. this IP was currnetly allocated from ge subnet. but we wanna change to specific IP . let's say our address space range is 10.0.0.0/16, but our GW subnet is 10.0.0.0/24, Peering IP is 10.0.0.254. but one of subnet is 10.13.100.70/28, we wanna change peering IP to 10.13.100.70. but this is impossible, could we make some changes in further?

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  VPN Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    3. VNET GW packet filter

      Hi All.

      I would like to set up a packet filter for VPN GW.
      It is the same as RRAS packet filter setting.
      Inbound IP address and port range filter, and outbound IP address and port range filter.

      Our VNET is connecting between sites with customers' VNET and VNET GW. Even if it is attacked from outside the customer's VNET, I do not want to endanger our VNET. I would like to filter traffic arriving at VNET with source IP and destination port number.

      How can it be realized?

      regards.

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  VPN Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    • Don't see your idea?

    Feedback and Knowledge Base