Reputation: 643
Azure - Virtual network Gateway vs VPN gateways
What are the differences between virtual network gateway vs VPN gateway and what determines which one to use?
The closest definition I can find is
"A VPN gateway is a specific type of virtual network gateway that is used to send encrypted traffic between an Azure virtual network and an on-premises location over the public Internet."
I'm a developer and do little bit of ops, so trying to make sense.
Upvotes: 8
Views: 12115
Answers (3)
Reputation: 1869
Nancy's answer is correct. I would like to contribute this quote with more info from Microsoft (emphasis mine):
Let's start by clearing the confusion around the terms Virtual Network Gateway, VPN Gateway, and ExpressRoute Gateway.
Virtual Network Gateway represents the category of gateways that reside inside a virtual network and are used to connect virtual networks or on-premises networks to virtual networks.
VPN Gateway is a specific type of Virtual Network Gateway. It is used to send encrypted traffic across the public Internet. Site-to-Site, Point-to-Site, and VNet-to-VNet connections all use a VPN gateway.
ExpressRoute Gateway is also a specific type of Virtual Network Gateway. It sends network traffic on a dedicated private connection when configuring Azure ExpressRoute.
When you create a Virtual Network Gateway, you need to specify several settings. One required setting -GatewayTypespecifies whether the gateway is used for ExpressRoute or VPN traffic.
Upvotes: 1
Reputation: 41
Technically there are Resource Types of Microsoft.Network/virtualNetworkGateways and Microsoft.Network/vpnGateways. All ARM templates all use Microsoft.Network/virtualNetworkGateways resource type when deploying the Virtual Network Gateway - Type VPN as a standalone service. However when VPN is integrated into Virtual WAN/Hub you will see VPN Gateway (Microsoft.Network/vpnGateways) is used then.
| Purpose | ResourceType1 | ResourceType2 | ResourceType3 |
|---|---|---|---|
| As a VPN service outside a Virtual WAN/Hub use: | Microsoft.Network/virtualNetworkGateways | Microsoft.Network/Connections | Microsoft.Network/localNetworkGateways |
| Inside a Virtual WAN/Hub use: | Microsoft.Network/vpnGateways | Microsoft.Network/vpnGateways/vpnConnections | Microsoft.Network/vpnSites |
Upvotes: 4
Reputation: 28224
As you found the closet definition, the VPN gateway is a specific type of the virtual network gateway. When you create a virtual network gateway resource in Azure, you can select the VPN or ExpressRoute gateway type in Azure. The VPN gateway usually means a VPN gateway type of virtual network gateway.
Upvotes: 13
Related Questions
- What is the use of Expressroute gateway and VPN Gateway?
- Azure Vnet Peering vs Vnet Integration
- Azure Network Security Group Vs Route Tables
- Azure Vnet Peering
- Private endpoint with virtual network gateway
- Site-to-site VPN vs point-to-site VPN
- Azure gateway with a virtual network
- Azure vnet peering with remote gateway
- VNET peering performance?
- Connecting an Azure virtual network to an external VPN gateway