NetReach App-Secure Access Architectures

Scenario 1: Azure with On-premises network
Summary
The NetReach App, hosted on Azure App Service within an Azure Virtual Network (VNet), is accessed securely through an Azure VPN Gateway. Users can connect in two ways:
  • Site-to-Site (S2S) VPN – For entire on-premises networks.
  • Point-to-Site (P2S) VPN – For individual remote users.
All traffic goes securely through encrypted IPsec/IKEv2 VPN tunnels to the Azure VPN Gateway, which routes traffic to the NetReach App inside the Azure VNet.
Scenario 1: Azure with On-premises network
🔍 Click to zoom / pan
Components in the Diagram
1. Azure Side
  • Azure VNet
  • NetReach App (Azure App Service)
  • Azure VPN Gateway (with Public IP address)
2. On-Premises Site
  • Local network devices (firewalls/routers)
  • Public IP address of local VPN device
3. Remoter Users
  • Azure VPN client installed on user laptop
Scenario 2: WTI Unit on public IPs with Azure
Summary
WTI units on cellular public IPs are accessed securely via an IPSec/IKEv2 site-to-site VPN to the Azure VPN Gateway. Remote users connect to the same gateway using a P2S VPN, then reach the WTI units over the encrypted tunnels.
Scenario 2: WTI Unit on public IPs with Azure
🔍 Click to zoom / pan
Components in the Diagram
1. Azure Side
  • Azure VNet
  • NetReach App (Azure App Service)
  • Azure VPN Gateway (with Public IP address)
2. WTI Unit
  • Create Site-to-Site (S2S) VPN
  • VPN Tunnel Interface – Cell
  • Virtual IP Address
  • IPTABLES (optional) for network access and restriction
3. Remoter Users
  • Azure VPN client installed on user laptop

Published on

Tags: