VPN connectivity between a client's premises (on-prem) and Azure is made possible by Azure VPN gateways.
This lesson demonstrates how to use the Azure portal to configure a site-to-site VPN gateway that connects your on-premises network to an Azure VNet.
You can also do this using Azure CLI or Azure PowerShell.
These are the steps to create the VPN with the Azure portal:
• Create a virtual network
• Create a VPN gateway
• Create a local network gateway (representation of on-prem Network)
• Create a VPN connection
• Verify the connection
1. Create a virtual network
In this section, we are going to create a virtual network (VNet).
Sign in to the Azure portal and, in Search resources, services, and docs, type virtual network.
On the Virtual network page, select Create. This opens the Create virtual network page.
On the Basics tab, configure the VNet settings for your specific project.
Select IP Addresses to advance to the IP Addresses tab. On the IP Addresses tab, configure the settings.
When creating a virtual network, ensure that its address space does not overlap with any other network it will connect to, such as the on-premises network. Plan your network configuration accordingly.
Select Review + create to validate the virtual network settings.
After the settings have been validated, select Create to create the virtual network.
After a few seconds you can see the VNet settings.
2. Create a VPN gateway
In this step, you create the virtual network gateway for your VNet. Creating a gateway can often take 45 minutes or more, depending on the selected gateway SKU.
In Search resources, services, and docs, type virtual network gateway.
Now configure the VPN gateway in the same region as the virtual network created earlier.
To connect, the VPN gateway needs a special subnet called the gateway subnet, which can be created as part of the VPN gateway creation process. In this simulation we are using the 192.168.10.32/27 subnet as the gateway subnet.
We also need to create a public IP address for the VPN gateway.
Select Review + create to run validation.
Once validation passes, select Create to deploy the VPN gateway.
As mentioned, we need to wait some time for the VPN gateway to deploy.
The VPN gateway is now successfully created, and you can check its configuration in the window below.
You can also check the gateway's public IP address information with the link.
You can also now see the newly created gateway subnet information in the virtual network.
3. Create a local network gateway
The local network gateway is a specific object that represents your on-premises network for routing purposes.
Most likely this will be your on-prem firewall device or VPN router.
In this demonstration we are going to use a Windows Server virtual machine (VM) with the Microsoft RAS server role as the on-prem VPN device.
This is the information related to this VM.
As mentioned, we now need to represent this information in Azure with a local network gateway.
Now we are going to create a local network gateway.
In Search resources, services, and docs, type local network gateway.
You need to assign the site a name by which Azure can refer to it, then specify the IP address of the on-premises VPN device to which you'll create a connection.
You also specify the IP address prefixes that will be routed through the VPN gateway to the VPN device.
The address prefixes you specify are the prefixes located on your on-premises network (the on-prem private IP addresses of your LAN networks). In this demo we are using the IP network 192.168.16.0/24 for on-prem.
If your on-premises network changes, or if you need to change the public IP address for the VPN device, you can easily update the values later at any time.
Select Review + create to run validation.
Once validation passes, select Create to deploy the local network gateway.
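The address plan used so far can be checked before anything is deployed. The following is an added example, not part of the original lesson: it verifies that the gateway subnet sits inside the VNet address space and that no on-prem prefix entered in the local network gateway overlaps the VNet. The VNet address space 192.168.10.0/24 and the function name check_address_plan are assumptions; the lesson only states the gateway subnet and the on-prem network.

```python
import ipaddress

def check_address_plan(vnet_spaces, gateway_subnet, onprem_prefixes):
    """Return a list of problems in a site-to-site VPN address plan (empty = OK)."""
    problems = []

    def parse(label, cidr):
        # Strict parsing rejects prefixes with host bits set, e.g. 192.168.10.33/27.
        try:
            return ipaddress.ip_network(cidr)
        except ValueError as exc:
            problems.append(f"{label} {cidr!r} is not a valid prefix: {exc}")
            return None

    vnets = [n for n in (parse("VNet address space", c) for c in vnet_spaces) if n]
    onprem = [n for n in (parse("on-prem prefix", c) for c in onprem_prefixes) if n]
    gw = parse("gateway subnet", gateway_subnet)

    if gw is not None:
        # The gateway subnet has to be carved out of the VNet address space.
        if not any(gw.version == v.version and gw.subnet_of(v) for v in vnets):
            problems.append(f"gateway subnet {gw} is outside the VNet address space")
        # General Azure guidance (not from this lesson): use /27 or larger.
        if gw.version == 4 and gw.prefixlen > 27:
            problems.append(f"gateway subnet {gw} is smaller than /27")

    # Overlapping prefixes make routing across the tunnel ambiguous, so traffic
    # meant for one side may never enter the VPN.
    for v in vnets:
        for o in onprem:
            if v.overlaps(o):
                problems.append(f"VNet {v} overlaps on-prem prefix {o}")
    return problems

if __name__ == "__main__":
    VNET = ["192.168.10.0/24"]  # assumed; the lesson does not state the VNet range
    plans = {
        "lesson values": (VNET, "192.168.10.32/27", ["192.168.16.0/24"]),
        "on-prem too broad (constructed)": (VNET, "192.168.10.32/27", ["192.168.0.0/16"]),
    }
    for name, plan in plans.items():
        print(name, "->", check_address_plan(*plan) or "OK")
```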
4. Create a VPN connection
Now we are going to create a site-to-site VPN connection between your virtual network gateway (Azure) and your on-premises VPN device.
On the Add connection page you need to define the specific parameters related to the VPN connection.
Select OK to create your connection. You'll see Creating Connection flash on the screen.
You can view the connection in the Connections page of the virtual network gateway.
From this page you can easily download the configuration file needed to configure on-prem devices from some vendors.
In this demo we are not going to use it, because we are using a Windows Server VM as the on-prem device.
On-prem Server Configurations
To configure Windows Server as the VPN device, we need to install the Remote Access server role on the server VM.
After the role installation, follow the guideline below to configure the VPN connection.
Select Configure and Enable Routing and Remote Access.
Now we need to enter the Azure VPN gateway public IP. We can get that information from the Azure portal.
There is no need to provide any credentials.
Now select the network interface that we created and go to Properties.
Modify the security parameters to use the pre-shared key.
Now you can connect.
After a few seconds you can verify that the VPN connection with the Azure VPN gateway is successfully established.
You can also verify the VPN connection status in the Azure portal.
Now we can see that the VPN between Azure and the on-prem network is successfully connected.
Now we can access the Azure resources from on-prem and the on-prem resources from Azure.
To simulate this, we are going to deploy a virtual machine inside the Azure tenant.
5. Verify the connection
Now check the connectivity between the Azure VM and the on-prem virtual machine.