Azure how to connect Route-Based VPN with Policy-Based one

azure, policy-routing, site-to-site-vpn, vpn

I've got a Policy-Based VNET that is connected to a Cisco ASA – there is no way to make it Route-Based.

I need all of my app deployments (Azure Web App, Azure Cloud Services) to be connectable only from the subnet that lives after the Cisco gateway – there is no connection to the internet in this LAN.

There is no way to deploy Cloud Services to a VNET that is policy-based (it gives me an error that this subnet doesn't exist), and there is also no way to bind an Azure Web App to this VNET – it says that it requires a RouteBased VNET.

Is it possible to create a RouteBased VNET and make a connection between the PolicyBased VNET and the RouteBased VNET on the Azure side, so that the LAN could access internal IPs from the RouteBased VNET?

Best Answer

Based on my knowledge, Azure does not support making a connection between a Policy Based Gateway and a Route Based Gateway.

Firstly, a PolicyBased VPN can only support one Site-to-Site VPN tunnel. But according to your description, you need two Site-to-Site VPN tunnels.

Secondly, you could refer to this official documentation.

Can I connect a VNet with a RouteBased VPN Type to another VNet with a PolicyBased VPN type?

No, both virtual networks MUST be using route-based (dynamic routing) VPNs.
