About Secure Cross-Premises Connectivity
Updated: February 6, 2014
Secure cross-premises connectivity
You can create two types of secure cross-premises connections, site-to-site and point-to-site. Depending on your cross-premises requirements, select the connection type that fits your needs.
A site-to-site VPN allows you to create a secure connection between your on-premises site and your virtual network. To create a site-to-site connection, a VPN device that is located on your on-premises network is configured to create a secure connection with the Windows Azure Virtual Network Gateway. Once the connection is created, resources on your local network and resources located in your virtual network can communicate directly and securely. Site-to-site connections do not require you to establish a separate connection for each client computer on your local network to access resources in the virtual network.
Use a site-to-site connection when you want to create a branch office solution or when you want a connection between your on-premises location and your virtual network that is available for clients on both sides without additional client-side configurations.
|You must use an externally facing IPv4 IP address to configure a site-to-site VPN connection.|
For more information about VPN device requirements and configurations, see About VPN Devices for Virtual Network. For more information about how to configure a site-to-site VPN, see About Configuring a Virtual Network in the Management Portal.
A point-to-site VPN also allows you to create a secure connection to your virtual network. In a point-to-site configuration, the connection is configured individually on each client computer that you want to connect to the virtual network. Point-to-site connections do not require a VPN device. They work by using a VPN client that you install on each client computer. The VPN is established by manually starting the connection from the on-premises client computer. You can also configure the VPN client to automatically restart.
|Point-to-site VPN is currently in Preview (CTP).|
Use a point-to-site configuration when:
You only want to configure a few clients to connect to a virtual network site
You do not have access to a VPN device that meets the minimum requirements for a site-to-site connection
You do not have an externally facing IPv4 IP address for your VPN device
For more information about configuring a point-to-site connection, see Configure a Point-to-Site VPN using the Management Portal Wizard.