Basick Hybrid Azure AVD Network As-Built
About This Architecture
Hybrid Azure Virtual Desktop network connecting Christchurch and Auckland on-premises sites via active-active Fortinet firewalls and S2S VPN to Azure VNet1 in New Zealand North region. Traffic flows from production LAN through VPN gateways, NAT gateway, and bastion host to AVD session hosts, SQL VMs, and supporting infrastructure across five resource groups. This architecture demonstrates enterprise-grade hybrid identity integration with Azure AD DS, Entra ID, and Key Vault for secure credential management. Fork this diagram on Diagrams.so to customize subnets, add additional regions, or adjust VM SKUs for your AVD deployment. The active-active VPN configuration with dual public IPs ensures high availability for remote desktop access across geographically distributed sites.
People also ask
How do I design a hybrid Azure Virtual Desktop network connecting on-premises sites with active-active VPN and Fortinet firewalls?
This diagram shows a production AVD hybrid architecture with dual Fortinet firewalls in active-active S2S VPN configuration connecting Christchurch and Auckland on-premises LANs to Azure VNet1 via VpnGw1AZ gateways. Session hosts, SQL VMs, and supporting services are distributed across five resource groups with Entra ID integration and Key Vault for secure credential management.
- Domain:
- Cloud Azure
- Audience:
- Azure solutions architects designing hybrid AVD deployments with on-premises connectivity
Generated by Diagrams.so — AI architecture diagram generator with native Draw.io output. Fork this diagram, remix it, or download as .drawio, PNG, or SVG.