Hello,
I've been involved in a few projects where we've configured Azure site-2-site VPN to terminate on our customers' on-premises firewall devices. Generally this has worked well for non-critical, production systems, but for customers with more critical workflows hosted in Azure VNets and who don't want to go to the expense of provisioning ExpressRoute, the S2S VPN solution creates a number of single points of failure in the network path.
Assuming customers who have multiple on-premises datacenters which are WAN-connected, has anyone ever implemented a solution for maintaining connectivity via S2S VPN between Azure VNets and on-premises for scenarios where network devices such as the firewall that terminates the S2S connection fail? What have you implemented?