Azure – Use of Gateway Subnet

azure, azure-networking, gateway

I'm trying to create a Point-to-Site (P2S) VPN on Microsoft Azure and in order to do so I created a VNet, created a couple of subnets under the VNet and then I read that I need to create a "Gateway Subnet" to be able to attach a network gateway to my VNet. I couldn't understand why a Gateway (which, according to my understanding, is simply a router) would need its own subnet.

Upon further digging, I stumbled upon Azure VPN Gateway FAQs but all it says is:

The gateway subnet contains the IP addresses that the virtual network gateway services use.

And

When you create the gateway subnet, you specify the number of IP addresses that the subnet contains. The IP addresses in the gateway subnet are allocated to the gateway service.

I wonder which gateway services are these?

Best Answer

As far as I know, the gateway service looks like a router service or device that can enable routing transit between on-premises and Azure. Per the doc, it says that

The Azure gateway subnet is needed by Azure to host the two virtual machines of your Azure gateway. Specify an address space with at least a 29-bit prefix length (example: 192.168.15.248/29). A 28-bit or smaller prefix length is recommended, especially if you are planning to use ExpressRoute.

Here is a similar case for your reference.
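The sizing rule quoted above (at least a /29, with /28 or larger recommended, especially for ExpressRoute) is easy to get wrong when carving the subnet out of an existing VNet, so here is an added example that checks a planned gateway subnet before you create it. This is example code written for this page, not part of the answer or of any Azure tooling. It assumes Python 3.7+ for the `ipaddress` module, and it adds one general Azure fact the answer does not state: Azure reserves five addresses in every subnet and only recognises the gateway subnet when it is named exactly `GatewaySubnet`. The VNet and subnet prefixes in the sample plan are constructed.

```python
import ipaddress

# Azure reserves five addresses in every subnet (network address, default
# gateway, two for Azure DNS, broadcast). General Azure behaviour, not a
# statement from the answer above.
AZURE_RESERVED_PER_SUBNET = 5

# Thresholds taken from the doc quoted in the answer: /29 is the minimum,
# /28 or larger is recommended, especially when ExpressRoute is planned.
MIN_PREFIX_LEN = 29
RECOMMENDED_PREFIX_LEN = 28


def usable_addresses(prefix):
    """Addresses left for the gateway service after Azure's reservations."""
    net = ipaddress.ip_network(prefix, strict=True)
    return max(net.num_addresses - AZURE_RESERVED_PER_SUBNET, 0)


def check_gateway_subnet(vnet_space, existing_subnets, candidate,
                         name="GatewaySubnet", expressroute=False):
    """Validate a planned gateway subnet against the rest of the VNet.

    Returns (errors, warnings): errors would make the deployment fail or
    leave the gateway short of addresses; warnings are recommendations.
    """
    errors, warnings = [], []

    # Azure only treats a subnet as the gateway subnet under this exact name.
    if name != "GatewaySubnet":
        errors.append(f"subnet must be named 'GatewaySubnet', got {name!r}")

    vnet = ipaddress.ip_network(vnet_space, strict=True)
    try:
        cand = ipaddress.ip_network(candidate, strict=True)
    except ValueError as exc:
        # strict=True rejects prefixes with host bits set, e.g. 10.0.0.5/29.
        errors.append(f"{candidate} is not a valid network prefix: {exc}")
        return errors, warnings

    if not cand.subnet_of(vnet):
        errors.append(f"{cand} lies outside the VNet address space {vnet}")

    for other in existing_subnets:
        other_net = ipaddress.ip_network(other, strict=True)
        if cand.overlaps(other_net):
            errors.append(f"{cand} overlaps existing subnet {other_net}")

    if cand.prefixlen > MIN_PREFIX_LEN:
        errors.append(
            f"/{cand.prefixlen} is smaller than the /{MIN_PREFIX_LEN} minimum "
            f"({usable_addresses(candidate)} usable addresses)")
    elif cand.prefixlen > RECOMMENDED_PREFIX_LEN:
        msg = (f"/{cand.prefixlen} meets the minimum but /{RECOMMENDED_PREFIX_LEN} "
               f"or larger is recommended")
        if expressroute:
            msg += " (strongly, since ExpressRoute is planned)"
        warnings.append(msg)

    return errors, warnings


if __name__ == "__main__":
    # Constructed sample plan: a /16 VNet with two workload subnets already
    # carved out and a /27 reserved at the top of the range for the gateway.
    plan = ("10.0.0.0/16", ["10.0.0.0/24", "10.0.1.0/24"], "10.0.255.0/27")
    errors, warnings = check_gateway_subnet(*plan)
    print("errors:", errors)
    print("warnings:", warnings)
    print("usable addresses for the gateway:", usable_addresses(plan[2]))
```

Run it against your own VNet plan before creating the subnet; a /29 such as the doc's `192.168.15.248/29` passes the minimum but leaves only three addresses once Azure's five reserved ones are taken, which is why the check flags it as a warning rather than letting it through silently.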
