Azure – Networking – Part 12 – Azure VPN Network Gateway
Today, we will discuss about Virtual Network Gateway. It is a very useful service provided by Microsoft Azure. When we are taking about any hybrid solution in azure or if we are talking about a secure connection between Azure environment and our On-Premise environment, Virtual Network Gateway is considered as the base /root of this configuration. Let’s have a discussion on the basics of this component.
Tool Installation Articles :
- Configure Azure Command Line Interface ( Azure CLI) On Windows
- Configure PowerShell For Microsoft Azure Az Module On Windows
Previous Azure series :
- Learn Basics Of Azure Networking In 60 Hours
- Learn Basic Of Azure Active Directory And Azure Identity And Access Management
- Azure DevOps – Learn at one place
If you have missed our previous articles on networking, please check them in following links.
Next Article : Part 13 – Configure Azure Point-to-Site VPN
Virtual Network Gateway :
- A virtual network gateway is the software VPN device for our Azure virtual network.
- It helps to establish a connection between an Azure virtual network and our local network .
- A virtual network gateway is composed of two or more virtual machines that are deployed to only Gateway Subnet. No other resource should deployed to that subnet.
- Virtual network gateway VMs are configured to contain routing tables and gateway service specific to the gateway.
- It helps to establish a very secure connection to communicate encrypted data.
Type Of Virtual Network Gateway :
There are two different types of virtual network gateway. Each virtual network can only have one virtual network gateway of each type.
- VPN Network Gateway
It send encrypted traffic across the public Internet, when we use the gateway type ‘VPN’. This is also referred to as a VPN gateway. Point-to-Site, Site-to-Site and VNet-to-VNet connections all use a VPN gateway.
- ExpressRoute Network Gateway
It send network traffic on a private connection, when we use the gateway type ‘ExpressRoute’. In my last article we have discussed about ExpressRoute. To finalize the configuration of a new connection for ExpressRoute, we required a Express Network Gateway.
Connection Topology Diagrams For VPN Network Gateway :
There are different configurations available for VPN network gateway connections. We need to determine which configuration is matching with our requirements.
- Point-to-Site (VPN over IKEv2 or SSTP)
- Site-to-Site (IPsec/IKE VPN tunnel)
- Multi-Site (IPsec/IKE VPN tunnel)
- VNet-to-VNet connections (IPsec/IKE VPN tunnel)
- VNet peering
Create VPN Network Gateway through Portal :
Before we starts to create a new VPN Network Gateway, I have already created/configure my Virtual Network and Resource group. We can check following links about how to configure both of them.
We can also create both of the above resource, when we will configure virtual network gateway. Let’s start with the configuration.
1. Connect to your Azure portal dashboard using your subscription account. If you don’t have any subscription, in that case you can get trial Azure subscription with one-month of validity. Then you can connect to the azure portal dashboard as in following figure.
2. Try to find Virtual Network Gateways from marketplace as shown in the following figure.
3. On Virtual Network Gateways landing page, we can see all existing network gateways. If we want to create a new virtual network gateway, click Create Virtual Network Gateway or +Add button as shown in the following figure.
4. Provide all required information to create a new Virtual Network Gateway as shown in the following figure.
Now click Review + Create button to create the network gateway. As we can see in the following figure, the creation of virtual network gateway is underway.
It took around 30-45 minute to create and configure a virtual network gateway. Once it is created we can see the details of the newly created virtual network gateway as shown in the following figures.
We are ready with our VPN Network Gateway . Now we can configure our connections as per our requirement. No default connection comes with the creation of a virtual network gateway.
As we can see in the following figure, there are different connection type available. we can choose one of them as per our requirement.
Through VPN Network Gateway we can also configure Point-to-Site connection. In our next article, we will discuss, how to Configure Point-to-Site vpn Connection.
I hope this article helps you to understand the basic of Virtual Network Gateway and VPN Network Gateway.
My next article of this series is Part 13 – Configure Azure Point-to-Site VPN .
Keep reading, share your thoughts, experiences. Feel free to contact us to discuss more.
If you have any suggestion / feedback / doubt, you are most welcome. Stay tuned on Knowledge-Junction, will come up with more such articles
Thanks for reading 🙂