All from the new Azure portal now! No powershell required!
Finally, its here, you can now easily create VNet-to-VNet and/or Site-to-Site VPN in GUI mode without using Powershell or visual studio.
Here is the step by step proccess followed to create a VPN connection between 2 Azure VNets:
- Create a Resource Group that will contain the first VNet. It will contain the VNet that represents our New Delhi preoduction subnet:
- Next, click New -> Networking -> Virtual Network to create a new VNet:
- Select Resource Manager as the deployment model and click Create:
- Fill in the details for the VNet including Name, Address Space, subnet address range and select the resource group created in the earlier step and click Create:
- Makes sure the VNet deployment succeeds:
- On the Subnets tab of the VNet Settings click Add to add a ‘GatewaySubnet‘.Note: The name of this subnet must be ‘GatewaySubnet‘ and the address range must not be larger than /16 or smaller than /29.
- Make sure the GaewaySubnet is created successfully:
- Next, click New -> Networking -> Virtual Network Gateway to add a virtual network gateway to the VNet (DelVNET) created above:
- Provide the details om the Create virtual network gateway tab and choose the VNet created above to attach it to the VNet:Note: The VNet name will appear greyed out if the GatewaySubnet has not been created as required in the previous step.
- Choose to create a new Public IP or attach an existing if created earlier:
- Keep the slection of VPN Type as Route-based as this is the type that supports VNET-to-VNET VPN connections:
- Select the Resource Group created earlier for the first VNet and click Create: Note: It takes around 30-32 mins for the successful creation of the VNet gateway.
- After the successful deployment of the virtual network gateway, go to VNet Gateway Properties and make a note of the PUBLIC IP ADDRESS allocated to this VNet Gateway:
- Go to the Connections tab and notice that there are no connections added to this VNet at this stage:
- Now, follow the similar steps to create the second Azure Virtual Network. Create a new Resource Group for VNet2 (LondonResGrp in this example):
- Create a new Virtual Network in this resource group. Provide the virtual network details and click Create:
- Once created successfully, add the ‘GatewaySubnet‘ to this virtual network as done for the first VNet:
- Make sure the GatewaySubnet is created successfully:
- Next, create a new Virtual Network gateway to associate it with the new VNet just created (LonVNET in this example) :
- Choose to create a new Public IP or add existing:
- Choose to add it to the existing resource group created already for LondonVNET and click Create:
- Once the Virtual network gateway is successfully created, make a note of its PUBLIC IP ADDRESS from the virtual network gateway properties:
- On the Connections tab, notice that there are no connections added at this stage:
- On the Connection Pane click Add. Provide the details including connection Name, type (leave default VNET-to-VNET) and the Second virtual network gateway to which the connection will be initiated (DelVNETGateway in this example):
- Type a preshared key (the same key will be used later while making connection from VNet 1 to VNet2), select the LonResGrp and click OK:
- Notice that the connection status is still shown as Not Connected:
- Repeat the above 2 steps to Add a connection to the DelVNETGateway (VNet 1) created earlier and initiate a connection to the LonVNETGateway (VNet 2) with the same preshared key:
- Once both the connections are created the connection status is shown as Connected in a few mins and the Bytes In and Bytes Out values can be read from the details pane of each connection:
- Here is a snip from Lon-ProdVM1 that resides in the LondonVNET. The WindowsAzure folder in the C drive has been Shared with everyone for Read access:
- To verify the cross-VNET connectivity, here is a snip of Del-ProdVM1 residing in the DelhiVNET. The share on \\10.12.1.4 (Lon-ProdVM1) can noow be accessed directly within the same network: