In this article we will continue our discussion on Virtual Network Gateway. In our last article we discussed on how to configure Azure Point-to-Site VPN. Today we will discuss about one more important topic VNet-To-Vnet connection. So Let’s Start with basic of VNet-to-VNet connection.
If you have missed our previous articles on azure networking, please check it in following links.
- Connecting a virtual network (VNet) to another virtual network (VNet) works same way as connecting a virtual network with On-premise network (VNet-to-Site)
- Both VNet-to-VNet and VNet-to-Site uses Virtual Network Gateway.
- We can combine VNet-to-VNet communication with Multi-Site connection configuration.
- Use of Virtual Network Gateway provides a secure tunnel using IPsec/IKE.
- It allow us to establish network typologies that combine cross-promises connectivity with inter-virtual network connectivity.
VNet-To-VNet Connection can be establish in following scenarios.
- Both VNet in same or different regions.
- Both VNet in same or different Subscriptions.
- Both VNet in same or different deployment models.
I think we are now clear about VNet-to-VNet connections. Let’s try out with one practical example. In this example we will take the first option, where both VNet are in different region (West Europe and West US). Before start configuring the connection, let’s check the prerequisites for this connection.
- Two Resource Groups in different Region.
- Two VNet with two subnet each (one regular subnet and one gateway subnet)
- Two Virtual Machine in each resource group under regular subnet.
- Two Virtual Network Gateway.
I have already created the above resources in advance. Following are the links, which will help you get some basics of those resources.
As we have already created those resources for two different region.The following figure shown the Virtual Network (KJ_VNet) under “West Europe” region.
As in the above figure, the following figure shown the Virtual Network (MSTechs_VNet) under “West US” region.
Configure Gateway connections :
We have seen in the above figures that, we have two different VNet under two different region. Now it is time to create connections to establish a communication link between two VNet. To achieve this we need two different connections. One from KJ_VNet -to- Mstechs_VNet and the other one is from Mstechs_VNet -to- KJ_VNet.
Create KJ_VNet -to- Mstechs_VNet Connection :
- In the Azure portal, select All resources, enter virtual network gateway in the search box, and then navigate to the virtual network gateway for your VNet. For Example, Knowledge_Junction_Network_GW. Select it to open the Virtual network gateway page.
- Under Settings, select Connections, and then select Add to open the Add connection page.
- On the Add connection page, fill in the values for our connection
–> Name: Enter a name for your connection. For example, KJ_VNet–to–MStechs_VNet.
–> Connection type: Select VNet-to-VNet from the drop-down.
–> First virtual network gateway: This field value is automatically filled in because we’re creating this connection from the specified virtual network gateway.
–> Second virtual network gateway: This field is the virtual network gateway of the VNet that you want to create a connection to. Select Choose another virtual network gateway to open the Choose virtual network gateway page
- Select OK to save our changes.
Create Mstechs_VNet -to– KJ_VNet Connection :
Now we will create the second connection which will be the reverse connection. Let’s create a connection from Mstechs_VNet to KJ_VNet. In the portal, locate the virtual network gateway associated with Mstechs_VNet . Follow the steps from the previous section, replacing the values to create a connection from Mstechs_VNet to KJ_VNet. Make sure that we are using the same shared key as shown in the following figure.
After configured both connection , it will take some time to finish the configuration. We should check the status of both connection frequently. The configuration will finished when the status is “Connected ” as shown in the following figure.
Testing our VNet-to-VNet connections :
To test the connection let’s, login to one VM from each VNet and try to ping from one machine to other machine. We will see it success to ping.
Also if we check each connection, will find data input and output information as shown in the following figures.
I hope this article helps you to get basic information of configuring VNet-to-VNet connection.
Keep reading, share your thoughts, experiences. Feel free to contact us to discuss more.
If you have any suggestion / feedback / doubt, you are most welcome. Stay tuned on Knowledge-Junction, will come up with more such articles
Thanks for reading 🙂