I've been struggling with some practical limitations on Azure and some on-premise infrastructure. I setup a VNET on Azure and needed to connect via Site-to-Site VPN to 4 different on-premise locations.
Naturally, I chose a route-based VPN which could support multi-site connections, but it turns out that one or more of these on-premise VPN devices support only static (policy based) IKEv1 setup. It won't be a problem if I can create a policy based VPN and connection to each client on the VNET but apparently I can only have one VPN per VNET.
What options do I have to be able to connect to these various on-premise locations? Will I need to create multiple VNETs, connect each VNET to an on-premise location with a VPN and join the VNETs with VNET-VNET connection? Is this even possible even though it's becoming messy just typing it.
Appreciate all the help I can get now.
Best Answer
[UPDATE 31/08/2017] The below is not completely accurate anymore.
Now you can have multiple policy-based connections (IKEv2 only!) and P2S, Vnet to Vnet, etc on the same gateway. You'll need to deploy one of the new SKUs (VpnGw1, VpnGw2, VpnGw3).
E.g. https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-connect-multiple-policybased-rm-ps
You can't do Vnet to Vnet with a policy-based gateway, so that's not an option either.
These are probably your best alternatives:
(Disclosure: I work for Microsoft in Azure)
Hope this helps!