Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Microsoft is giving away 50,000 FREE Microsoft Certification exam vouchers. Get Fabric certified for FREE! Learn more

Reply
rodneyc8063
Helper I
Helper I

When to use an on premise gateway vs a VNET Gateway?

‎03-03-2025 11:52 AM

Howdy folks,

 

So my organization has an on premise gateway set up to connect the PBI service to our on prem Oracle database. I understand that since our Oracle database is on prem and not available on the public internet that this is the way to go.

 

Now we are looking into Azure Databricks and we set it up with a private end point. I was advised and found a few forum threads that in order to connect the PBI service to Azure Databricks with a private end point that a VNET gateway is the way to go.

 

Basically you use an on prem gateway for on prem data sources. If the data is in Azure but private then we should use a VNET gateway.

 

But my question now is since we already have a working PBI on prem gateway - Could we use this to connect the PBI service to Azure Databricks private end point?

 

It makes sense to me to keep things "cloud native" and keep it all in the cloud with PBI service -> VNET Gateway -> Azure Databricks but there was a concern as to cost. 

 

If we have a VNET gateway running, not sure what the cost implication would be. Whereas the on premise gateway is "free" and already in use why can we not just continue to use it?

 

The only thing I could think of was that with an on premise gateway its another jump from basically going PBI Service -> On premise gateway going through our network -> Hopping back out and into Azure Databricks

 

I was basically trying to figure out when to use either gateway? 

 

Can the gateway types be "exchanged" for each other? So like an on premise gateway connecting to an Azure private end point? And also can a VNET gateway connect to an on premise data source?

 

Appreciate any input

Labels:
Message 1 of 10
884 Views
0
1 ACCEPTED SOLUTION
nilendraFabric
Community Champion
Community Champion
In response to rodneyc8063

‎03-04-2025 07:25 AM

On-Premises Gateway

 

 


Connects to any private data source (on-premises, Azure, AWS, etc.), including:

• On-premises databases (Oracle, SQL Server).
• Private Azure resources (e.g., Azure SQL with private endpoints).
• AWS VPC-hosted services (e.g., RDS in a private subnet).

 

VNet Gateway
Exclusively for Azure resources with private endpoints (e.g., Databricks, Synapse, Storage Accounts).
• Cloud-native, requiring no on-premises infrastructure.
• Requires Power BI Premium licensing (P SKU/PPU).
• Traffic stays within Azure’s backbone, avoiding public internet exposur

 

Cloud Connection
• Use Case:
Connects directly to publicly accessible endpoints, such as:
• APIs (Wikipedia, Google Analytics).
• Public AWS/Azure services (S3 buckets with public access, Azure Blob Storage)

 

 

for your example

 Use a Cloud Connection:
• Directly connect via the public URL 
• No gateway required..

View solution in original post

Message 7 of 10
779 Views
9 REPLIES 9
v-ssriganesh
Community Support
Community Support

‎03-04-2025 01:23 AM

Hi @rodneyc8063,
Thank you for reaching out to the Microsoft Fabric community forum. We value your thorough consideration of whether to use an On-premises Data Gateway or a VNet Data Gateway in Power BI.

Thank you to @nilendraFabric and @Deku for their valuable insights. Their points about network connectivity requirements, driver limitations, and the benefits of keeping traffic within Azure’s backbone are accurate.

  • On-premises Data Gateway Best for connecting Power BI Service to on-premises databases
  •  VNet Data Gateway Designed for Power BI Service to securely access Azure-based data sources with private endpoints.

Can the On-premises Gateway be used to connect Power BI Service to an Azure Private Endpoint (e.g., Databricks)?
Yes, but not recommended because it requires additional network routing and adds extra latency. If you already have an on-premises gateway and VPN to Azure, it may work, but a VNet Gateway is the best practice for cloud-native solutions.

Can a VNet Gateway be used to connect to an on-premises database for Power BI?
No. VNet Data Gateway only works for Azure-based services. For on-prem databases, you must use an On-premises Data Gateway.

If this helps, then please Accept it as a solution and dropping a "Kudos" so other members can find it more easily.
Thank you.

Message 5 of 10
803 Views
rodneyc8063
Helper I
Helper I
In response to v-ssriganesh

‎03-04-2025 06:58 AM

Hi @v-ssriganesh,

 

Appreciate the detailed and concise reply! 

 

Another question please if you dont mind - My team mate noticed that while creating a PBI gateway that there was also a third connection type (Cloud). So just clarifying

 

* On premise gateway -> Used to connect to sources that are on prem and not available on the cloud

* VNET Gateway -> For Azure sources that are "private"

* Cloud -> Is this for publically available cloud sources? 

 

So lets say for example a wikipedia page? Just curious if we are trying to connect to lets say an Amazon  hosted source would we use Cloud connection? Or what if there is an Amazon hosted source that is "private" which gateway type should be used?

 

@Deku - I appreciate the real world experience and the driver issue! Will be noting this to my team as well 

@nilendraFabric - Also much appreciate your clarification and feedback!

Message 6 of 10
786 Views
0
nilendraFabric
Community Champion
Community Champion
In response to rodneyc8063

‎03-04-2025 07:25 AM

On-Premises Gateway

 

 


Connects to any private data source (on-premises, Azure, AWS, etc.), including:

• On-premises databases (Oracle, SQL Server).
• Private Azure resources (e.g., Azure SQL with private endpoints).
• AWS VPC-hosted services (e.g., RDS in a private subnet).

 

VNet Gateway
Exclusively for Azure resources with private endpoints (e.g., Databricks, Synapse, Storage Accounts).
• Cloud-native, requiring no on-premises infrastructure.
• Requires Power BI Premium licensing (P SKU/PPU).
• Traffic stays within Azure’s backbone, avoiding public internet exposur

 

Cloud Connection
• Use Case:
Connects directly to publicly accessible endpoints, such as:
• APIs (Wikipedia, Google Analytics).
• Public AWS/Azure services (S3 buckets with public access, Azure Blob Storage)

 

 

for your example

 Use a Cloud Connection:
• Directly connect via the public URL 
• No gateway required..

Message 7 of 10
780 Views
rodneyc8063
Helper I
Helper I
In response to nilendraFabric

‎03-04-2025 07:35 AM

Hi @nilendraFabric 

 

One small twist/clarification please

 

So if we have an Amazon hosted source and its publically available then we can simply use a "Cloud" connection? 

 

But if the Amazon hosted source is "private" then we would use an on premise gateway?

 

Many thanks for the quick and detailed reply! 

Message 8 of 10
774 Views
0
nilendraFabric
Community Champion
Community Champion
In response to rodneyc8063

‎03-04-2025 08:16 AM

Yes: Use a Cloud connection for public AWS sources (e.g., S3 public bucket) and an On-Premises Gateway for private AWS sources (e.g., RDS in a VPC).

Message 9 of 10
765 Views
rodneyc8063
Helper I
Helper I
In response to nilendraFabric

‎03-05-2025 09:20 AM

Many thanks for the clear answer!

Message 10 of 10
722 Views
0
Deku
Community Champion
Community Champion

‎03-03-2025 03:45 PM

I am using databricks and VNET. VNET must be attached to a capacity and can consume a reasonable amount of background resource. It is fully managed and with private end point all traffic goes through azure backbone, so no public internet. The downside is you are stuck with the drivers provided on gateway. We have a intermittent issue related to databricks driver that causes refreshes to fail. Waiting on databricks to update the driver and provide to Microsoft.


Did I answer your question?
Please help by clicking the thumbs up button and mark my post as a solution!
Message 4 of 10
819 Views
nilendraFabric
Community Champion
Community Champion

‎03-03-2025 12:28 PM

Hello @rodneyc8063 

 

While technically feasible, using an on-prem gateway requires robust network integration with Azure’s private endpoint infrastructure. For most Azure-native scenarios, Microsoft recommends the VNet gateway for simplicity, but existing on-prem gateways can work with proper network bridging.

 

The on-premises gateway must have network connectivity to the Azure VNet hosting Databricks’ private endpoint (via VPN/ExpressRoute or VNet peering)

The gateway machine must resolve the Databricks workspace URL

 

Message 2 of 10
859 Views
nilendraFabric
Community Champion
Community Champion
In response to nilendraFabric

‎03-03-2025 12:32 PM

Mixing gateways for cross-environment access is possible but introduces inefficiencies. Always align the gateway type with the data source’s location and network setu

Message 3 of 10
855 Views

Helpful resources

Announcements
March PBI video - carousel

Power BI Monthly Update - March 2025

Check out the March 2025 Power BI update to learn about new features.

March2025 Carousel

Fabric Community Update - March 2025

Find out what's new and trending in the Fabric community.

View All
Top Solution Authors
View All