You can use the Routing and Remote Access Service RRAS in Windows Server 2016 or Windows Server 2012 to establish an IPsec sitetosite VPN connection between the onpremises network and the Azure virtual network. You can also use other options, such as Cisco or Juniper Networks VPN devices.
A SitetoSite VPN gateway connection is used to connect your onpremises network to an Azure virtual network over an IPsec/IKE IKEv1 or IKEv2 VPN tunnel. This type of connection requires a VPN device located onpremises that has an externally facing public IP address assigned to it.
Step 1: Create a customer gateway.
Step 2: Create a target gateway.
Step 3: Configure routing.
Step 4: Update your security group.
Step 5: Create a SitetoSite VPN connection.
To connect to your VNet, on the client computer, navigate to VPN settings and locate the VPN connection that you created. It's named the same name as your virtual network.
On the Connection status page, select Connect to start the connection.
Your connection is established.
Prerequisites. An Azure account with an active subscription.
Create a virtual network. Create a virtual network VNet using the following values: ...
Create a VPN gateway.
Create a local network gateway.
Configure your VPN device.
Create a VPN connection.
Verify the VPN connection.
Connect to a virtual machine.