Multiple new features for Azure VPN Gateway are now generally available
Published date: November 20, 2020
We’re announcing the following new features for Azure VPN Gateway as generally available:
High availability for RADIUS servers in point-to-site VPN - This feature enables a highly available configuration for customers using RADIUS/AD authentication for their point-to-site VPN.
Custom IPsec/IKE policy with DPD timeout - Setting the IKE DPD (Dead Peer Detection) timeout allows customers to adjust the IKE session timeout value based on their connection latency and traffic conditions to minimize unnecessary tunnel disconnects, improving both reliability and experience. This feature brings the entire custom IPsec/IKE policy configuration experience to Azure Portal.
APIPA support for BGP speaker - This feature supports customers with legacy VPN routers, Amazon Web Services (AWS) VGW, or Google Cloud Platform (GCP) VPN, which use Automatic Private IP Addressing (APIPA) addresses as their Border Gateway Protocol (BGP) speaker IP addresses. Now they can establish BGP sessions with Azure VPN gateways using APIPA (169.254.x.x) addresses.
FQDN support for site-to-site VPN - This feature allows customer branches or locations without static public IP addresses to connect to Azure VPN gateways. Customers can now leverage dynamic DNS services and use their Fully Qualified Domain Name (FQDN) instead of IP addresses. Azure VPN gateways will automatically resolve and update the VPN target to establish IPsec/IKE connections.
Session management and revocation for point-to-site VPN users - Enterprise administrators can now list and revoke individual user connections to their VPN gateways from Azure Portal in real time, addressing a key management ask.