VWan - site VPN

Greetings,

I’m hoping some experts in here can give me some guidance on this...

We have Azure Virtual WAN in place and we use this for VPN connections into our branch offices. Something we struggle with so far is having VPNs into a single site that has multiple internet connections (active/passive).

We have two models in our network - branches that have a single ISP but two internet links with HSRP using one IP range. This works well as the IP address that Azure connects to would never change, so internet can fail over between primary/secondary and this is transparent to Azure. The other model we use is to have multiple ISP links configured in active/passive on our firewall. When using this method we don’t know the correct way to configure this in Azure or if it’s even possible.

Unfortunately we are not able to get the single ISP solution in all locations, so we have no other option than to have multiple links from separate ISPs at some sites.

The goal is to have a VPN into VWAN that is stable and is able to cope with loss of service on primary internet links at our branch. I can’t find this in any documentation.

I have included a diagram to try and give better context.

Would really appreciate your thoughts on this challenge.

Have you read this link already?
Azure path selection across multiple ISP links - Azure Virtual WAN | Microsoft Learn

This describes your case and it looks like it is active/active by default, but playing on ECMP could be a trick, even though it is not very specific on how.
Disaster recovery design for Azure Virtual WAN | Microsoft Learn

The FAQ refers to the AS Path in BGP scenarios, but I never tested how it behaves. That could be the trick.
Azure VPN Gateway FAQ | Microsoft Learn