Forum Discussion

alexrabbi's avatar
alexrabbi
Brass Contributor
Jul 25, 2022

AO VPN

Hi All,

 

Apologies if i have posted this is wrong label

 

I am planning to implement AO VPN , my boss is concerned about the pricing .

I would like to know how Microsoft charges in below 2 scenarios 

 

1. User is working at home using only outlook and teams online , do not really need to connect to office or  network resources in office, does AO VPN still connect through Azure gateway and are we charged for the whole time ?

 

2. User is connected from office, does user still use VPN gateway ?

 

Regards,

Alex

  • alexrabbi 

     

    My main problem with Always On vpn connections via Azure Virtual Network is , All Azure VNG skus only permit 128 connections for SSL \ SSTP.

    Defending on the size of your organisation and if 128 SSL connections will suffice then great, If not a travelling sales person will most likely not be able to connect to their Always On VPN connection using iKev2 as the hotel Wi Fi , blocks this protocol and ports.

     

    COSTS

     

    • It depend on how far your organisation is on their cloud journey. If there are on-premise firewall decencies, then another option , could be to use Intune to application package with a transform file or config switch, eg. Palo Alto, Fortinet , Cisco, Checkpoint firewall client so that, remote clients can connect seamlessly when the vpn client is deployed via Intune
    • Ingres - egress, costs are very minimal when using Always On.
    • If using Azure Files and you select , Azure Premium Storage there is no ingress and egress charges

    Hope this helps

    Seán

  • seanofarrell's avatar
    seanofarrell
    Copper Contributor

    alexrabbi 

     

    My main problem with Always On vpn connections via Azure Virtual Network is , All Azure VNG skus only permit 128 connections for SSL \ SSTP.

    Defending on the size of your organisation and if 128 SSL connections will suffice then great, If not a travelling sales person will most likely not be able to connect to their Always On VPN connection using iKev2 as the hotel Wi Fi , blocks this protocol and ports.

     

    COSTS

     

    • It depend on how far your organisation is on their cloud journey. If there are on-premise firewall decencies, then another option , could be to use Intune to application package with a transform file or config switch, eg. Palo Alto, Fortinet , Cisco, Checkpoint firewall client so that, remote clients can connect seamlessly when the vpn client is deployed via Intune
    • Ingres - egress, costs are very minimal when using Always On.
    • If using Azure Files and you select , Azure Premium Storage there is no ingress and egress charges

    Hope this helps

    Seán

Resources