Hybrid connections

Azure Stack Hub
Virtual Machines
Virtual Network
VPN Gateway

Solution Idea

If you'd like to see us expand this article with more information, such as potential use cases, alternative services, implementation considerations, or pricing guidance, let us know with GitHub Feedback!

Azure Stack Hub enables you to deploy Azure services on-premises or in the cloud with a consistent application logic, development paradigm, and operations methodology.

Hybrid cloud applications are a single system that has components running in both Azure and Azure Stack Hub. This solution blueprint is relevant to establishing connectivity for any application that involves communications between the Azure public cloud and on-premises Azure Stack Hub components. Hybrid connectivity is a foundational blueprint that will be applicable to most Azure Stack Hub solutions.

Note: This doesn't apply to Azure Stack Hub deployments that are disconnected from the public internet.


Architecture diagram Download an SVG of this architecture.

Data flow

  1. Deploy a virtual network in Azure and Azure Stack Hub.
  2. Deploy a virtual network gateway in Azure and Azure Stack Hub.
  3. Deploy virtual machines in each virtual network.
  4. Establish a VPN connection over the public internet between the network gateways.


  • Virtual Network: Provision private networks, optionally connect to on-premises datacenters.
  • Virtual Network Gateway: Learn how to configure VPN Gateway, a virtual private network gateway.
  • Virtual Machines: Provision Windows and Linux virtual machines in seconds.
  • Azure Stack Hub is a hybrid cloud platform that lets you use Azure services on-premises.

Next steps