Share via

Question on Azure Virtual WAN w/ P2S Configuration

Kalel 80 Reputation points
2025-01-24T15:33:57.19+00:00

I'm in the process of looking at and building out an Azure Virtual WAN. Before doing this, I have previously tested creating an Azure Virtual Network Gateway and successfully connected via a standard Site-to-Site VPN tunnel as well as Point-to-Site configuration. After testing the Point-to-Site, I was able to confirm that my internet traffic uses my normal internet connection while traffic destined for my Azure Vnet, went through the P2S VPN Client (Split-tunnelling).

My question is regarding configuring the P2S VPN Client within the Azure Virtual WAN. Am I correct that with this setup, using the P2S there will be no split-tunnelling and all my traffic (internet bound and vnet) will go through the vWAN?

Thx in advance for any help provided.

Azure Virtual WAN
Azure Virtual WAN
An Azure virtual networking service that provides optimized and automated branch-to-branch connectivity.
241 questions
Azure VPN Gateway
Azure VPN Gateway
An Azure service that enables the connection of on-premises networks to Azure through site-to-site virtual private networks.
1,629 questions
Accepted answer
  1. Ganesh Patapati 3,365 Reputation points Microsoft Vendor
    2025-01-24T21:44:48.2933333+00:00

    Hi Kalel

    Greetings!

    Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.

    Yes, you are correct in your understanding of how Point-to-Site (P2S) VPN connections work within Azure Virtual WAN.

    NOTE: When you configure a P2S VPN client in Azure Virtual WAN, the default behavior is that all traffic from the client will be routed through the Azure Virtual WAN. This means that both internet-bound traffic and traffic destined for your Azure Virtual Network will go through the Azure Virtual WAN.

    In Azure Virtual WAN, the P2S VPN is intended to offer a more centralized and managed connectivity approach. Consequently, it does not support split-tunneling in the same manner. All traffic will be routed through the Azure Virtual WAN, enhancing security and management.

    Refer: https://learn.microsoft.com/en-us/azure/virtual-wan/virtual-wan-point-to-site-portal

    Refer: https://learn.microsoft.com/en-us/azure/virtual-wan/how-to-forced-tunnel

    I hope this has been helpful!

    Your feedback is important so please take a moment to accept answers. If you still have questions, please let us know what is needed in the comments so the question can be answered. Thank you for helping to improve Microsoft Q&A!

    Please accept an answer if correct. Original posters help the community find answers faster by identifying the correct answer. Here is how.

    Regards

    Ganesh

    1 person found this answer helpful.
    0 comments

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.