Can a DaaS system have many site to site vpn connections (100 or more)?
Can a DaaS VPN connection utilize a DNS name instead of a public IP address for the remote client for accommodating remote sites that may not have a fixed static IP but could utilize DDNS to identify the current public IP for the connection?
Can a customer secure RDP access to the DaaS system to be able to configure XML files for things like SMTP server changes, map configuration files, etc, or do all such changes have to go through the DaaS support team?
For request such as configuring XML files, SSO, etc, the event these things have to be figured by Skyline Das Engineers, is there a per hour charge or service credits required that goes along with such requests?
Is there a process to migrate an on-premise system to DaaS?
Hi Michael
- Yes, A DaaS can have multiple Site-to-Site vpn connections
- By default we deploy VpnGw1AZ SKU of the Virtual Network Gateway, which allows 30 tunnels and has a bandwith of 650 Mbps
- VpnGw4AZ SKU allows 100 connections, but comes with an extra price
- Azure recommends to use a Virtual WAN if you need more than 100 tunnels.
- For your own reference: About Azure VPN Gateway | Microsoft Learn
 
- Yes, we can use the FQDN / DDNS name.
- No, we do not allow our end-users to RDP to the DaaS system, DaaS is a service and the requests should be sent either via the Technical Account Manager, TechSupport or DaaS Support.
- There is no charge for default DataMiner configuration.
- Migrations can be done via exporting / importing.
 Exporting elements, services, etc. to a .dmimport file | DataMiner Docs
Best regards,
Thomas

Hi Michael,
Whilst not having RDP access does indeed limit the available options. Through various functions in DataMiner it's still possible to do quick iterations of testing network connectivity by means of the Automation module or with a few lines of code as a Scripted Connector.
These alternatives can help out troubleshooting without the need for the continuous fully fledged connectors such as Generic Ping & Generic Port Monitor.
If you would have the need for the continuous monitoring of these then said connectors are still the best bet.
You mention the significant cost associated, but note that with the usage-based services model you get access to these connectors and metering determines the cost.(https://docs.dataminer.services/dataminer/About_DataMiner/Pricing/Pricing_Usage_based_service.html).

Follow up question: for doing something like configuring map configuration files, updating map configuration files, running "what's My Size" in order to better estimate the metric count, using Wireshark to examine packet structure, etc, it seems like there aren't really workarounds to much of that activity. Is there any special consideration that can be given to open up RDP access to a specific internet source IP and with a set of windows permissions that allow for the configuration of these types of files and running the aforementioned applications for troubleshooting purposes?

Note that it is technically perfectely possible to give you RDP access, and we can also make an exception from our policy, especially if we are dealing with an experienced DataMiner engineer 😉

Thanks for jumping in Bert. I think it's pretty critical for the workflows for a project I am working on that we would be able to RDP from certain source IP's. I'll send an email to the DAAS team with a request.
 
			
Without RDP, if becomes very difficult to perform a variety of troubleshooting or development functions. For instance, you don’t have a way to ping a device to validate network connectivity. You can run an IP scanner to verify firewall ports are open between the remote VPN gateway and other devices on the remote network. Same thing with using a MIB browser for development. These are rather common tools for deploying and maintaining a dataminer solution. While it is possible to use drivers like Generic Ping and Generic Port Monitor, this comes at a very significant cost to utilize the connectors compared to using the standard tools built into windows, or common freeware like a min browser.