What is Azure VPN, and how does it work?

Illustration of the word VPN on a circuit board

Microsoft’s Azure VPN offers two kinds of products: Point-to-Site (P2S) and Site-to-Site (S2S). Site-to-Site VPN is a form of cloud VPN, while Point-to-Site is an example of remote VPN. For a refresher on the two product types, you can read our comparison piece,.

Azure VPN will encrypt your corporate network communications with military grade AES-256-bit encryption, regardless of which product you choose. This level of security ensures that your sensitive corporate data remains safe while in transit between networks, or to and from remote workers’ PCs.

This article will discuss the appropriate use cases for each Azure product, describe their unique features, and explain pricing and customer support options. 

Perimeter 81 is the best business VPN

Perimeter 81 is the best business VPN

Save 250+ yearly hours on manual configuration. Deploy your entire organization within a single day. Learn why Perimeter 81 is TechRadar's choice for the best Business VPN. Ditch legacy hardware and make the move to the cloud. See how simple it is for yourself.

Site-to-Site or Point-to-Site – which is right for you?

If you've ever worked from home in an office setting, you probably used Point-to-Site VPN. P2S VPN encrypts communication between remote workers' devices and your corporate server by creating a secure communication corridor called a tunnel. 

Tunnels encrypt information at one end, then decrypt it at the destination. This allows remote workers to safely access business apps and sensitive customer information from home. P2S VPN tunnels are temporary, and can open or close as required, when employees log on and off from the corporate network. 

Site-to-Site VPN works quite differently. It also creates a tunnel, but the tunnel is always active and optimized for large volumes of data. These permanent tunnels can send large volumes of encrypted information back and forth between two or more corporate networks. An example of two sites that need to communicate this way could be a head office in New York communicating with a satellite branch in LA, or two corporate head offices in Europe and Asia exchanging information.

Which of these products makes sense for you will depend on your business needs. A group of geographically remote research sites with a central database and only in-office staff may need a Site-to-Site VPN. In contrast, a small business with just one location but several remote workers may opt for Point-to-Site. You will need both if you run a large enterprise with remote staff and multiple branch offices.

Why choose Azure VPN?

When selecting a corporate VPN, there are many options for both Site-to-Site and Point-to-Site solutions. For instance, in addition to Azure, Perimeter 81 and Amazon AWS VPN offer both product types. You can read our Perimeter 81 Business VPN Alternative Review and What is AWS VPN articles for more information on these two providers.

Azure VPN’s products have many advantages over the competition. Firstly, Azure doesn’t charge upfront for the use of its VPN gateways. S2S and P2S VPNs use a VPN gateway to encrypt and decrypt communications. Some gateways can handle Site-to-Site connections, while others are designed for Point-to-Site. How many connections a gateway can handle and what type varies by provider.

Many VPN providers charge a flat fee per VPN gateway, and an additional per-hour cost based on usage. Azure charges are purely by the hour. Additionally, Azure’s gateways can handle P2S and S2S connections, offering even more flexibility.

How much does Azure VPN cost?

Azure’s pricing is per hour and based on the size of the VPN gateway you need. Gateways can create Site-to-Site and Point-to-Site tunnels. 

For P2S connections, remember that the number of tunnels can fluctuate throughout the day, as various devices connect and disconnect. Be sure to buy a big enough gateway to handle your traffic at peak time. Otherwise, employees may have trouble logging in during the busiest time of the day.

Consult the chart below for an overview of Azure’s pricing. Note that although prices are shown by the hour, Azure’s billing is monthly, billed on the day of the month that you activated your account.

Swipe to scroll horizontally
Azure’s pricing and VPN gateway options
GatewayPriceBandwidthS2S TunnelsP2S Tunnels
Basic$0.04/hour100MbpsMax 10 1-10: IncludedMax 128 1-128: Included
VpnGw1$0.19/hour650MbpsMax 30 1-10: Included 11-30: $0.015/hour per tunnelMax 250 1-128: Included 129-250: $0.01/hour per connection
VpnGw2$0.49/hour1GbpsMax 30 1-10: Included 11-30: $0.015/hour per tunnelMax 500 1-128: Included 129-500: $0.01/hour per connection
VpnGw3$1.25/hour1.25GbpsMax 30 1-10: Included 11-30: $0.015/hour per tunnelMax 1,000 1-128: Included 129-1,000: $0.01/hour per connection
VpnGw4$2.10/hour5GbpsMax 100 1-10: Included 11-100: $0.015/hour per tunnelMax 5,000 1-128: Included 129-5,000: $0.01/hour per connection
VpnGw5$3.65/hour10GbpsMax 100 1-10: Included 11-100: $0.015/hour per tunnelMax 10,000 1-128: Included 129-10,000: $0.01/hour per connection

As you can see, pricing varies considerably based on the number of connections you need, and the amount of data going through your system at any given moment. Pay attention to your bandwidth needs, the number of remote employees you have, and the number of Site-to-Site connections you have to establish.

What are Azure’s customer support options?

Azure’s Basic customer support package, included for all customers, provides access to the self-service knowledge base and support ticket system. There are no guarantees for response time on support tickets on the Basic tier, and Basic support customers are last in line behind all paying support plan holders.

Limited free support is normal for cloud VPN providers, and Azure stands out by simply having a free support option that isn’t entirely self-service. Paid plans start at $29/month for trial and non-production environments, and go up to $1000/month for one-hour critical case response time, plus a dedicated consultant.

Conclusion

Azure offers two powerful cloud-based VPN solutions for Site-to-Site and Point-to-Site VPN. Its scalable pricing, with no upfront fees for gateways, and 99% uptime on P2S systems, allows for an impressive degree of flexibility when building a P2S, S2S, or hybrid solution.

Azure’s customer support options are limited and expensive, but this is normal for a cloud VPN provider. If you need encrypted access for remote employees, or want to securely connect a set of remote networks together, Microsoft Azure VPN is a robust option.

To learn more about business VPNs, see our picks for best business VPN, and read our choices for the best VPN service providers overall.

Serguei holds degrees in finance and marketing from York University, and brings more than five years of professional experience at their intersection to his writing. His previous roles as a finance advisor involved breaking down and explaining complex concepts in everyday terms, a talent he now brings to his work as a freelance writer.