Blog: Switching to WireGuard and reducing costs in Azure
Using Azure Cost Analysis we can quickly identify the resources, resource groups and services that cost the most money.
Drilling down into the resource group we learn that the Virtual network gateway is at the top of the list of costs.
Using Azure Cost Analysis to explore the cost of services within a Resource Group
Resource Group costs in order from most to least costly
Replacing Azure VPN with WireGuard
We can replace the Azure Virtual network gateway with a virtual machine (VM) running WireGuard. Note that the Azure Virtual network gateway supports these older Point-to-site (P2S) tunnel types:
- OpenVPN
- SSTP
- IKEv2
These are old and established protocols with good client support, however, today there is a newer faster protocol available called WireGuard that works on Windows, Mac, Linux, Andriod and iOS devices.
WireGuard comes "built-in" with any modern Linux server and Linux is well supported in Azure, so setup is done quickly after installing your favourite (modern) Linux image.
I won't cover installing WireGuard here, that's well documented already: https://www.wireguard.com/install/
What we find after installing and running WireGuard for a month is that our VPN running costs have come down to the cost of running the VM plus what ever bandwidth is used:
Resource cost snapshot when running the Virtual Machine for a month.
The approach is a little be "back to the future" since by setting up a VM then installing and configuring software, we lose out on the convenience of "button click" cloud solutions. However, that convenience comes at a cost premium and can often be lacking the latest and greatest features (or in this case protocols).
Get in touch
If you would like to know more about out Azure cost saving ideas or you are interested in setting up WireGuard you can get in touch or check out our Cost reduction ideas for Azure webinar on the 28th of August 2022.