Introduction
This article shows how to connect two virtual networks (VNets) using the VNet-to-VNet connection type through a Virtual Network Gateway in your Azure environment. The virtual networks can be in two different regions and in different subscriptions as well.
Prerequisites
- Two Resource Groups (RG)
- Two Virtual Networks (VNet)
- GatewaySubnet
- Two Virtual Network Gateways (VPNGw)
This is my demo lab setup, and I have laid out the configuration steps clearly below.
Step 1
Sign in to your Azure portal.
Step 2
Make sure your RG and VNet have been created. In my case, I have already created Shanuka-RG > Shanuka-VNet.
Step 3
Before creating the Virtual Network Gateway, make sure the GatewaySubnet exists. Navigate to Shanuka-VNet > select Subnet > GatewaySubnet. Once you click GatewaySubnet, it automatically picks the IP address and subnet name.
Step 4
The gateway subnet has been created successfully.
Configure a Virtual Network Gateway
- Resource Group: Shanuka-RG
- Name: Shanuka-VPNGw
- Region: East US
- SKU: VpnGw1
- Generation: Generation1
- Virtual Network: Shanuka-VNet
- Subnet: GatewaySubnet (10.190.1.0/24)
- Gateway type: VPN
- VPN type: RouteBased
- Enable active-active mode: Disabled
- Configure BGP: Disabled
- Public IP address: Shanuka-Pub-IP
Step 5
Navigate to your Shanuka-RG, search for Virtual Network Gateway, and create it.
Step 6
Follow the appropriate steps.
Step 7
Here you have the option to choose the SKU. In my case, I have chosen VpnGw1; you can choose one as per your requirement. You can check the SKU throughput using the link below.
About Azure VPN Gateway | Microsoft Docs
Step 8
Set your Public IP name, then select Review and Create.
Note: Creating a VPN Gateway takes an estimated 45 minutes.
Step 9
The Virtual Network Gateway has been created successfully.
Create a Local Network Gateway configuration step by step
Prerequisites
- Two VNets
- Two Virtual Network Gateways
In my case, I have created these according to my scenario above.
Configure a Local Network Gateway
- Resource Group: Shanuka-RG
- Name: Shanuka-LNG
- Region: East US
- Endpoint: IP address
- IP address: 20.254.151.198 (use your remote site's public IP)
- Address Space: 172.16.0.0/16
Step 1
Select your resource group (RG), go to Marketplace > type Local Network Gateway > create it.
Step 2
Follow the appropriate steps, then review and create.
Important: Make sure your Endpoint details are correct
- Endpoint IP Address is the peer's public address (Public-IP)
- Address Space is the peer's VNet address space (VNet-IP)
In my case, I have added my Test-RG VPN Gateway details here.
Step 3
My Local Network Gateway (LNG) has been created successfully.
Add Connection configuration steps
Step 1
Navigate to your Virtual Network Gateway Shanuka-VPNGw > Connection > Add Connection
- Name: Shanuka-Test
- Connection type: VNet-to-VNet
- The “First Virtual Network Gateway” (Shanuka-VPNGw) is picked up automatically
- You only have to select the “Second Virtual Network Gateway” (Test-VPNGw)
- Shared Key (PSK): for example, “123@Abc”; you can put any key here. In my case, I used 123@Abc.
Step 2
My VNet-to-VNet VPN tunnel has connected successfully.
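A pre-flight check for the Shared Key and Address Space values used above, as an added example that is not part of the original article: it generates a random key from the OS CSPRNG and flags a weak key or overlapping address spaces before the connection is created. The 128-character limit, the 128-bit policy threshold, the alphanumeric alphabet and all function names are assumptions of this example, and the overlapping 172.16.5.0/24 prefix is a constructed value.

```python
import ipaddress
import math
import secrets
import string

# Assumptions of this example (not from the article):
ALPHABET = string.ascii_letters + string.digits  # alphanumeric only, avoids special-character issues
MAX_PSK_LEN = 128  # assumed upper bound on PSK length
MIN_BITS = 128     # local policy threshold, not an Azure requirement
CLASSES = (string.ascii_lowercase, string.ascii_uppercase, string.digits, string.punctuation)

def generate_psk(length=32):
    """Return a random alphanumeric PSK drawn from the OS CSPRNG."""
    if not 1 <= length <= MAX_PSK_LEN:
        raise ValueError(f"length must be 1..{MAX_PSK_LEN}")
    return "".join(secrets.choice(ALPHABET) for _ in range(length))

def estimated_bits(psk):
    """Optimistic strength estimate: length * log2(size of the character classes used)."""
    pool = sum(len(cls) for cls in CLASSES if any(ch in cls for ch in psk))
    return len(psk) * math.log2(pool) if pool else 0.0

def overlapping(local_prefixes, remote_prefixes):
    """Return (local, remote) pairs of address spaces that overlap."""
    pairs = []
    for loc in map(ipaddress.ip_network, local_prefixes):
        for rem in map(ipaddress.ip_network, remote_prefixes):
            if loc.version == rem.version and loc.overlaps(rem):
                pairs.append((str(loc), str(rem)))
    return pairs

def preflight(psk, local_prefixes, remote_prefixes):
    """Collect findings to resolve before creating the connection."""
    findings = []
    if len(psk) > MAX_PSK_LEN:
        findings.append("psk-too-long")
    if estimated_bits(psk) < MIN_BITS:
        findings.append("psk-weak")
    if overlapping(local_prefixes, remote_prefixes):
        findings.append("address-overlap")
    return findings

if __name__ == "__main__":
    # Values from the walkthrough: demo key, GatewaySubnet prefix, remote address space.
    print(preflight("123@Abc", ["10.190.1.0/24"], ["172.16.0.0/16"]))
    # Constructed overlap case with a freshly generated key.
    print(preflight(generate_psk(), ["172.16.5.0/24"], ["172.16.0.0/16"]))
```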
Conclusion
This article showed how to implement IPsec for VNet-to-VNet using a VPN gateway. If you have any questions, please contact me.
Thanks.