Enable secure connections between virtual networks
Amazon doesn't have this but it is rumored by their support that it's in the pipes (pin intended).
There should be a way to use the built in Azure VPN infrastructure to connect to another Azure cloud.
Example: Company Contoso performs a data exchange between their on-prem databases and their Azure (IaaS) cloud based web servers through a hardware VPN to the Azure VPN solution. Contoso hires Tailspin Toys to be their web contractor. Tailspin Toys has their own Azure cloud that they use as a dev environment for their web solutions as well as a code repository. Tailspin Toys would like to connect a site-to-site VPN to Contoso's Azure cloud in order to push code to, and manage the Contoso web servers.
Idealy a site-to-site IPsec VPN should be able to be constructed between the two "clouds" using the built in Azure VPN feature.
If you can nail this one - I think it positions Azure that much closer to being the superior IaaS provider out there. After all IaaS is _all_ about the infrastructure.
***Having a VM in each cloud to create a software site-to-site VPN is neither a feasable option due to increased costs or a practical solution due to increased management.***
Thank you for your consideration.
Enable separate virtual networks (probably in separate regions) to connect via VPN or other secure means. For instance so we can securely replicate databases for DR/HA purposes.
In our use case, We want our VM role instances to run in different geographic regions, we also want them to be able to connect to each other within a internal network. I found currently VM network doesn't support this. I think this should be a useful feature.
Clarification – there are two aspects to this ask. The subject line was updated to reflect that:
1. Connecting virtual networks in the SAME subscription
2. Connecting virtual networks from DIFFERENT subscriptions (accounts, companies, etc.)
Both are under review within the team.
Thanks for the feedback!
This would be ideal so that we could configure Active Directory replication between domain controllers in different regions. Can we get this on the menu?
Thanks for the feedback.
Moved to the Virtual Network feedback forum.
Eric Blevins commented
This would be very useful in many situations.
Forcing NAT on ever virtual server and not providing a simple way to connect two different networks really limits what one can do in Azure.
Looks like I'm not the only one who thought of adding VMs just to setup a site-to-site VPN to get around this problem.
The VPN feature looks like it will support this, but it should be native.