PPTP on Azure

Category: azure connectivity


Oscar Jim on Wed, 30 Jan 2013 09:19:47


How i can set a virtual machine in Azure and configure it as virtual private network server?

I'm involved in a cloud project that need a VPN server. A big number of IP devices dial-up to VPN server in a data center to create a big private network with the cloud servers in the data center. Later, we connect to all devices to manage their states, operations, etc.

¿It's possible to migrate this scenario to Azure? ¿Are all Azure servers connected to a private network? ¿It's possible to create a PPTP service in Azure?

Thanks a lot.

Note: The VPN of azure it's not a option because is a big number of devices and this VPN is to expensive (it's designed for site to site VPN)


Qin Dian Tang - MSFT on Thu, 31 Jan 2013 02:54:42


Since the issue is related to Iaas, I have moved this thread to Virtual Network Virtual Machine forums for getting a better support.

Thanks for your understanding.

Steve Espinosa [MSFT] on Fri, 01 Feb 2013 01:52:24

Hello Oscar,

Thank you for posting your question here.

First, you are correct that the built-in Windows Azure Gateway would not support a large number of devices connecting to it. It is designed to connect to a single point to create a site-to-site connection.

Secondly, I can offer an alternative to what you are requesting. If you could leave your VPN server in your datacenter, you could move all the other servers to Windows Azure. Your VPN server could route connections from your dial-up devices to the servers in Windows Azure as needed.

Finally, while I don't have a client-to-server VPN solution ready for like the one you described, you are welcome to find your own. What I can offer you is some information about the nature of the connection so you can evaluate potential VPN server solutions.

  • The Endpoints that control connections into the VMs from the Internet only support TCP and UDP. This means that VPN connections requiring additional protocols, like PPTP that requires GRE, will not work.
  • The public IP is translated to an internal IP (NAT). This means that VPN connections that don't work with NAT, like L2TP/IPsec, won't work in Windows Azure.

Hopefully that helps you evaluate your options.

Best regards,


JoaoCC Dev on Thu, 14 Nov 2013 11:25:31

Hi Oscar,

A quick confirmation question.

Does this mean I cannot setup a VM in Azure IaaS to provide IKEv2 VPN to the outside world (which is a configuration I have working behind other NATed ISPs/Cloud providers)?



Oakton Dev on Fri, 02 May 2014 12:41:06

I am interested in finding a VPN solution for clients as well.  So far, OpenVPN works on a single server in Azure, but the client can only access that VPN server. It doesn't seem to have a way to access any other servers in the same vlan.