Forum Discussion
Site-to-Site VPN using L2TP/IPSec
I have to establish a connection from Azure to a site and the VPN is using a L2TP/IPSec connection. Is it possible to do this I Azure? Until now I have only found setups using IKE (v1 or v2).
1 Reply
Azure does not support L2TP/IPSec for Site-to-Site VPN connections. Azure VPN Gateway only supports IPsec/IKE (IKEv1 and IKEv2) protocols for S2S tunnels.
You may consider:
1. Switch the remote site to IPsec/IKE
• If you control the remote VPN device, configure it to use IPsec/IKEv2.
• Follow this: About VPN devices for connections - Azure VPN Gateway | Microsoft Learn
2. Use a third-party NVA (Network Virtual Appliance)
• Deploy a VM-based VPN appliance in Azure that supports L2TP/IPSec.
• These can act as L2TP endpoints and bridge traffic to your Azure VNet.
3. Use Point-to-Site VPN with L2TP/IPSec (limited)
• Azure supports L2TP/IPSec for Point-to-Site (P2S) VPNs, but only for Windows clients.
• This is not suitable for gateway-to-gateway setups.
