Create a Post
Showing results for 
Search instead for 
Did you mean: 

VPN Client Support on CloudGuard in VMSS - EA

cloudguard (1).gif


Hi All,

I’m thrilled to share with you that we are going to release an EA version that will support VPN Client connections to CloudGuard for Azure in a Virtual Machine Scale Set topology.

From now on, we are going to support with our VMSS not just Inbound, Outbound, and East/West traffic but also VPN Client connections.

No need to pay anymore for unused licenses and compute resources, pay only for what you use, and always be flexible and dynamic to support any demand for traffic.

And not just that, you now have the option to move your VPN client termination to the Cloud and route all the traffic to the on-premise networks over a single VPN connection or ExpressRoute.

Let your CloudGuard VMSS do all the hard work of VPN termination, authentication, and traffic threat prevention inspection on the Cloud instead of investing in upgrading on-premises hardware that needs to support traffic spikes and future growth.

Both windows mobile VPN client and EndPoint VPN client are supported.

My offer to you:

The first five customers that will drop me an email with a request to take part in this Early Availability will get direct support of our RnD team and would also get for free 3-month license for their autoscale deployment.

My Email is:

** Stay tuned, VPN Client support on AWS Auto Scaling, is on the way ….



Shay Levin

3 Replies



It was my understanding that VMSS did not support inbound/outbound VPN traffic, as well, and therefore, an HA cluster or single gateway was required for site-to-site VPN connections.  Is that not accurate?


0 Kudos


CloudGuard for Azure on Autoscale Deployment does not support Site 2 Site VPN, all the other types of traffic ( Inbound, outbound and East/West and from now on also  VPN Client Access)  are supported.

For Site 2 Site VPN you will need to use CloudGuard Cluster or a Single Gateway deployment.

0 Kudos

How will this look in a quasi-hybrid deployment?

Let me explain.

Let's say you currently have an on-premises VPN solution using a couple Check Point gateways. But to support rapid scaling, specially during this pandemic times, could you mount the Remote Access VPN service in Azure and have it route the trusted traffic to the gateways on-premises, all this with out having any other other VM hosted in Azure.

This way users will just connect to the VPN through Azure and we can forget on adding additional gateways on-premise.

Do you have a cost sample? Azure vs On-Premise?




Epsum factorial non deposit quid pro quo hic escorol.