AzureBrian
Apr 16, 2021 · Brass Contributor
Need For Local Network Gateway when connecting Azure S2S tunnel to AWS
Greetings. According to this article and several others I've read on connecting Azure to AWS resources, a Local Network Gateway is required to be provisioned and configured along with an Azure VPN G...
- Apr 23, 2021
Hi KennethML and ibnmbodji. Thanks for your continued discourse on this. After reviewing your image and comparing with my setup, I think I left out an important detail. My Azure VPN Gateway is based on a "classic" Service Model-based VNET, rather than ARM-based. Per https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-vpn-gateway-settings#lng , in the classic deployment model, the LNG is called a "Local Site" and so the portal interface is different than what you see. So, I think that's my answer and that difference in terminology was what was throwing me off. Thanks again for your help in getting me to the answer!
Brian
ibnmbodji
Apr 23, 2021 · Iron Contributor
The reason why you need a local network gateway is this:
"The local network gateway is a specific object that represents your on-premises location (the site) for routing purposes."
Consider everything outside Azure to be an on-premises location, even if it is a public cloud like AWS.
Now, the use of a VPN Gateway is not mandatory. You can simply use a Network Virtual Appliance in Azure (Fortinet, Palo Alto, Checkpoint ...) to establish your connectivity with AWS, and on that side you also need an NVA. In that context, an LNG is not needed.
REF: https://docs.microsoft.com/en-us/azure/vpn-gateway/tutorial-site-to-site-portal