Multiple new features for Azure VPN Gateway in public preview

Published date: October 21, 2020

We’re announcing the following new features for Azure VPN Gateway in public preview:

High availability for RADIUS servers in point-to-site VPN - This feature enables a highly available configuration for customers using RADIUS/AD authentication for their point-to-site VPN.

VPN over ExpressRoute private peering - For customers such as those in financial and health industries, double encryption over both their private WANs and Azure WAN is a key compliance requirement. VPN over ExpressRoute private peering allows customers to use IPsec tunnels over their ExpressRoute private peering to satisfy this need.

Custom IPsec/IKE policy with DPD timeout - Setting the IKE DPD (Dead Peer Detection) timeout allows customers to adjust the IKE session timeout value based on their connection latency and traffic conditions to minimize unnecessary tunnel disconnects, improving both reliability and experience. This feature brings the entire custom IPsec/IKE policy configuration experience to the Azure Portal.

APIPA support for BGP speaker - This feature supports customers with legacy VPN routers, Amazon Web Services (AWS) VGW, or Google Cloud Platform (GCP) VPN, which use APIPA addresses as their BGP speaker IP addresses. Now they can establish BGP sessions with Azure VPN gateways using APIPA addresses.

FQDN support for site-to-site VPN - This feature supports customer branches or locations without static public IP addresses to connect to Azure VPN gateways. Customers can now leverage dynamic DNS services and use their FQDNs instead of IP addresses. Azure VPN gateways will automatically resolve and update the VPN target to establish IPsec/IKE connections.

Session management and revocation for point-to-site VPN users - Enterprise administrators can now list and revoke individual user connections to their VPN gateways from the Azure Portal in real time, addressing a key management ask.

