New networking features in Azure Government
Azure Gov Team
We recently announced Azure Virtual WAN along with other networking services you won’t want to miss, and now you can utilize Express Route and Point-to-Site VPN gateway with Azure Virtual WAN. In addition, you can now use IPv6 support within Azure Virtual Network to address IPv4 depletion in your own networks and expand your mobile and IoT capabilities.
Azure Virtual WAN with ExpressRoute and Point-to-Site VPN
As covered in our earlier blog, Azure Virtual WAN is a networking service that provides optimized and automated branch connectivity to, and through, Azure. Azure regions serve as hubs that you can choose to connect your branches to. You can leverage the Azure backbone to also connect branches and enjoy branch-to-VNet connectivity.
IPv6 for Azure Virtual Network (VNet) enables you to host applications in Azure with IPv6 and
IPv4 connectivity both within a virtual network and to and from the Internet.
Using ExpressRoute with your Virtual WAN
ExpressRoute lets you extend your on-premises networks into the Microsoft cloud over a private connection facilitated by a connectivity provider. With ExpressRoute, you can establish connections to Microsoft cloud services, such as Microsoft Azure and Office 365. ExpressRoute connections do not go over the public Internet, offering more reliability, faster speeds, consistent latencies, and higher security than typical connections over the Internet.
With ExpressRoute, you can create a connection You can create a connection between your on-premises network and the Microsoft cloud in three different ways, CloudExchange Co-location, Point-to-point Ethernet Connection, and Any-to-any (IPVPN) Connection.
Virtual WAN – ExpressRoute resources
- Azure ExpressRoute documentation
- Azure Virtual WAN documentation
- Tutorial: Create an ExpressRoute association using Azure Virtual WAN
Using Point-to-Site VPN with your Virtual WAN
A Point-to-Site VPN (PS2 VPN) gateway connection lets you connect to your virtual machines on Azure virtual networks from anywhere, whether you are on the road, working from your favorite café, managing your deployment, or doing a demo for your customers.
P2S VPN routing behavior is dependent on the client OS, the protocol used for the VPN connection, and how the virtual networks (VNets) are connected to each other.
Azure currently supports two protocols for remote access, IKEv2 and SSTP. IKEv2 is supported on many client operating systems including Windows, Linux, MacOS, Android, and iOS. SSTP is only supported on Windows. If you make a change to the topology of your network and have Windows VPN clients, the VPN client package for Windows clients must be downloaded and installed again for the changes to be applied to the client.
Virtual WAN Point-to-Site VPN gateway resources
- VPN Gateway documentation
- Point-to-Site VPN gateway documentation
- Cryptographic requirements and Azure VPN gateways
IPv6 for Azure Virtual Network
Azure Virtual Network is your private network in the cloud, enabling you to build a hybrid infrastructure that you control. You can bring your own IP addresses and DNS servers, secure your connections with an IPsec VPN or ExpressRoute, and get granular control over traffic between subnets.
Now you can bring your private IPv6 space into Azure Government and get connectivity over IPv6 within your virtual networks using dual-stack IPv4/IPv6 virtual networks. IPv6 connectivity, protected by your own network security group rules, provides safe access to IPv6 clients on the internet. IPv6 support within the Azure Virtual Network enables you to expand into the growing mobile and IoT markets with Azure-based applications and to address IPv4 depletion in your own networks.
IPv6 for Azure Virtual Network (VNet) enables you to host applications in Azure with IPv6
and IPv4 connectivity both within a virtual network and to and from the Internet.
IPv6 for Azure Virtual Network resources