• IP Sec tunnel
• Encrypted
• Not preferred as traffic goes through the internet
• [[202408241243 How to create a VPN Gateway|How to create a VPN Gateway]]
  • [[202408241255 How to create P2S VPN|P2S VPN]]
  • [[202408241251 How to create S2S VPN|S2S VPN]]
• If any [[202404121703 Azure VNet|VNet]] changes, for example new [[202407151908 VNet Peering|VNet Peering]] etc, need to reinstall VPN client with new config downloaded from [[202312231415 Azure Master|Azure]]

Types

• P2S VPN - Connects a specific device to a virtual network
• S2S VPN - Connects a network to a virtual network
• S2S VPN gateways enable multiple VPN connections to different networks if route not policy based

High availability scenarios

1. Active/Standby
   1. Default
   2. Automatic failover in case of issues or planned maintenance
2. Active/Active
   1. Get 2 [[202407271143 Public IP address allows inbound access based on tier in Azure|Public IP Address]]
   2. Uses BGP routing
3. [[202404141339 Azure ExpressRoute|Express Route]] failover
   1. Gateway as secure failover for [[202404141339 Azure ExpressRoute|Express Route]]
4. Zone-redundant gateways
   1. [[202407151913 Azure VPN|Azure VPN]] and [[202404141339 Azure ExpressRoute|Express Route]] as zone-redundant deployments, where supported

---

references:

MS Learn MS Docs P2S VPN S2S VPN High availability scenarios for VPN