In our previous article, we have learned how to configure Azure Site-to-Site VPN. Now, let us learn to connect our On-premises server to Azure Virtual Server using Routing and Remote Access.
Before this demo, check out my previous article about implementing Azure Site-to-Site VPN
here.
Step 1 - Server Manager in Server 2016
In the Server Manager, click the “Add roles and features”.
Step 2 - Selecting Remote Access
In the Role section, we need to select “Remote Access” and then click "Next".
Step 3 - Adding Features
When we select Remote Access, we will get the pop-up, i.e., “Add features that are required for DirectAccess and VPN (RAS)”?, so click Add Features, and then click “Next”.
Step 4 - Selecting Role Services.
Under the Role Services, we have to select “DirectAccess and VPN (RAS) and Routing” and then click "Next".
Step 5 - Web Server Role (IIS)
In the Web Server Roles (IIS) part, we don’t want to select anything, so click Next, and then click "Install" to complete the Installation Wizard.
Step 6 - Deploy VPN Only
After installing the Remote Access, we will receive the notification to “Configure Remote Access”, so Click “Deploy VPN Only”.
Step 6 - Enabling Routing and Remote Access
Now we can find our Local Server (SL-VM) under the Routing and Remote Access. Now it’s disabled, so right click the local server, and then Click the “Configure and Enable Routing and Remote Access”.
Step 7 - Selecting Secure Connection
In the Configuration wizard we need to select “Secure connection between two private networks”, and then click Next.
Step 8 - Demand-Dial Connections
Now we need to setup demand-dial connection, so select “Yes”, and then click Next.
Step 9 - Assigning IP Address for VPN Clients
In the IP address assignment, if we have a DHCP server we can select "Automatically," otherwise we need to assign the IP address manually. In this part we already assigned DHCP, so select “Automatically” and then click Next.
Step 10 - Completing the Wizard
Click the Finish button to start the VPN Deployment.
Step 11 - Demand-Dial Configuration
After finishing the Routing and Remote access server setup wizard, the Demand-Dial Interface Wizard will automatically prompt, so click Next to start the deployment.
Step 12 - Assigning the Interface Name
Now we need to assign our VPN Connection name. In this demo we can type “Azure VPN”, and then click Next.
Step 13 - Selecting the Connection Type
In this part we need to select our connection type. We need to connect using VPN so select “Connect using Virtual Private Network (VPN)”, and then click Next.
Step 14 - VPN Connection Type
Now we need to select the protocol, for Site to Site VPN we can select “IKEv2”, a VPN encryption protocol. So select “IKEv2” and then click Next.
Step 15 - Destination Address
Now we need to add our Azure IP Address because our server is running in Azure. So we need to add our Azure Gateway IP Address, so enter the Azure IP address and click Next.
Step 16 - Protocol and Security
In the transport and security part, we need to select “Route IP packets on this interface”, and then click Next.
Step 17 - Assigning Remote Network Private IP Address
In the Static Routers for Remote Networks, we need to add our Azure Private IP address range, so click “Add” and enter the Azure Private IP address range and click Ok.
Step 18 - Dial-Out Credentials
In the Dial-Out Credentials information we don’t create any Username or Password, so leave it blank and click Next, and in the next wizard you can click the “Finish” button to close the wizard.
Step 19 - Azure VPN Properties
After successfully creating the VPN connection we need to configure the connection, so right click the AzureVPN Connection and then Click “Properties”.
Step 20 - Dialing Policy
In the Options Tab, we need to select the “Redial Attempts”, it’s under the Dialing Policy.
Step 21 - VPN Security Settings
In the Security Tab, we need to select the type of VPN as IKEv2, and we need to add the “Preshared Key”. We have already created this key in Azure, so enter the key, and click Ok.
Step 22 - Connect to Azure
We have successfully configured the settings, and the status is disconnected, so right-click the AzureVPN and click "Connect".
Step 23 - Successfully Connected
Now, we can verify that our AzureVPN is successfully connected.
Summary
In this demo, we learned how to connect our On-Premises Server to Azure Server using Routing and Remote Access. We have already configured Site to Site VPN in Azure. If you have any clarification feel free to comment.