Azure VPN

VPN Gateway

You can use VPN Gateway to connect an Azure virtual network to your on-premises network, so you can have your resources both in Azure and on your local network.

How to configure VPN Gateway

Before configuring VPN Gateway, open the Azure Portal (https://portal.azure.com/) and click New / Networking / Virtual Network.

Leave Resource Manager in the deployment model drop-down list and then click Create.

Configure the various fields and then click Create. The virtual network is now created.

It is now necessary to specify a DNS server. From the Browse menu, select Virtual networks and then the virtual network created previously; in the Settings menu, click DNS Server. Configure the DNS server you want. With no DNS server in Azure, I use 8.8.8.8. Click Save to validate your modification.

Next, create a gateway subnet in the virtual network. The gateway subnet you create must be named GatewaySubnet or it will not work properly. In the Settings panel, click Subnets, and then click the + Subnet icon. Enter GatewaySubnet in the Name field and the desired address range. Click OK to create the subnet.

It is now necessary to create the virtual network Gateway. In the Azure portal, click New / Networking / Virtual Network Gateway.

Set the fields as desired. As for the VPN device, having no router (Cisco, Juniper,…), I used the Routing and Remote Access feature on a Windows Server 2012 R2 server. The policy-based type is not supported with RRAS. To find out which type of VPN can be used, see this link:
Azure Link

Click Create to create the Gateway.

Wait until the gateway is fully created. When the gateway has been created, go to its properties to see the assigned public IP address.

Before creating a VPN connection, it is necessary to create a local network Gateway. In the Azure portal, click on New / Networking / Local network gateway.
The local network gateway refers to your on-premises location. You’ll give the local network gateway a name by which Azure can refer to it.

Enter the name you want as well as your on-premises gateway IP address (the IP address used in production; it is not visible). Enter the address range used in the local network as well as the resource group you want. Click Create.

You can now create your VPN connection. In the virtual network gateway settings, click Connections, and then click Add.

Enter the desired name and, in the Connection type drop-down list, select the value Site-to-site (IPsec). Select the gateways created earlier. Finally, enter a PSK (numbers and letters only). Click OK.
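The portal steps above (virtual network, GatewaySubnet, virtual network gateway, local network gateway, connection) can also be scripted with the Az PowerShell module. This is an added example, not code from the original post: all resource names, the region, the address ranges and the gateway SKU are assumptions, and the PSK is generated from letters and digits only, with its length making up for the restricted alphabet.

```powershell
# Added example (not from the original post). Requires the Az module and an
# authenticated session (Connect-AzAccount). Every name, region, SKU and
# address range below is a constructed placeholder.
$rg  = 'rg-vpn-demo'
$loc = 'westeurope'
$onPremPublicIp = '203.0.113.10'     # public IP of the on-premises router
$onPremRange    = '192.168.1.0/24'   # on-premises LAN

# 32-character PSK limited to letters and digits, drawn from the system CSPRNG.
# Bytes >= 248 (4 * 62) are rejected so that "% 62" introduces no bias.
$alphabet = [char[]]'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789'
$rng = [System.Security.Cryptography.RandomNumberGenerator]::Create()
$b   = New-Object byte[] 1
$psk = -join (1..32 | ForEach-Object {
    do { $rng.GetBytes($b) } while ($b[0] -ge 248)
    $alphabet[$b[0] % 62]
})

New-AzResourceGroup -Name $rg -Location $loc | Out-Null

# Virtual network with a workload subnet and the mandatory GatewaySubnet.
$subnets = @(
    New-AzVirtualNetworkSubnetConfig -Name 'Servers'       -AddressPrefix '10.1.0.0/24'
    New-AzVirtualNetworkSubnetConfig -Name 'GatewaySubnet' -AddressPrefix '10.1.255.0/27'
)
$vnet = New-AzVirtualNetwork -Name 'vnet-demo' -ResourceGroupName $rg -Location $loc `
    -AddressPrefix '10.1.0.0/16' -Subnet $subnets -DnsServer '8.8.8.8'

# Route-based virtual network gateway (RRAS does not support policy-based).
$pip   = New-AzPublicIpAddress -Name 'pip-vpngw' -ResourceGroupName $rg -Location $loc `
    -AllocationMethod Static -Sku Standard
$gwSub = Get-AzVirtualNetworkSubnetConfig -Name 'GatewaySubnet' -VirtualNetwork $vnet
$ipCfg = New-AzVirtualNetworkGatewayIpConfig -Name 'gwipcfg' -SubnetId $gwSub.Id `
    -PublicIpAddressId $pip.Id
$gw = New-AzVirtualNetworkGateway -Name 'vpngw-demo' -ResourceGroupName $rg -Location $loc `
    -IpConfigurations $ipCfg -GatewayType Vpn -VpnType RouteBased -GatewaySku VpnGw1

# Local network gateway: the on-premises side as Azure sees it.
$lng = New-AzLocalNetworkGateway -Name 'lng-onprem' -ResourceGroupName $rg -Location $loc `
    -GatewayIpAddress $onPremPublicIp -AddressPrefix $onPremRange

# Site-to-site (IPsec) connection authenticated with the PSK.
New-AzVirtualNetworkGatewayConnection -Name 'cn-onprem' -ResourceGroupName $rg -Location $loc `
    -VirtualNetworkGateway1 $gw -LocalNetworkGateway2 $lng -ConnectionType IPsec -SharedKey $psk

# Values needed on the RRAS server; treat the PSK as a secret.
(Get-AzPublicIpAddress -Name 'pip-vpngw' -ResourceGroupName $rg).IpAddress
$psk
```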

Now it’s time to connect the two sites (on-premises and Azure). First, a VM running 2012 R2 was installed. The Routing and Remote Access role was then added. The options selected in the wizard are as follows.

Select custom configuration.

In the next window, select the VPN access and network routing checkboxes.

Click Finish and start the service. In the console, right-click Network Interfaces, and then select New Demand-dial Interface.

Select the name of the interface, and then click Next.

Leave the default value in the “Type of connection” window (default value: connect using a virtual private network). In the virtual network type window, select IKEv2, and then click Next.

Enter the IP address of your Azure gateway (Virtual Network Gateway) and click Next.

In the Protocols and Security window, leave Route IP packets on this interface selected and click Next.

Click Next in the remaining windows and then Finish to create the network interface. A new interface now appears in the console.

We will complete the configuration of the new interface by entering the previously configured PSK (shared key). Go to the properties of the interface, and then click the Security tab. Check use a pre-shared key for authentication and enter the value of the key.

On the Options tab, configure the connections to be permanent.

To route IP packets, a static route has been added under IPv4 / Static Routes in the console. It is necessary to specify the network ID of the virtual network, the network interface and the subnet mask to use.

My LAN is connected to the Internet through a router, so I set up port forwarding (TCP/UDP 50, UDP 500 and UDP 4500). The connection could then be initiated from the connection (right-click / Connect).
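The same RRAS configuration (role, IKEv2 demand-dial interface, PSK, persistent connection, static route) can be applied with the RemoteAccess PowerShell cmdlets on Windows Server 2012 R2. This is an added example, not code from the original post; the interface name and all addresses are constructed placeholders.

```powershell
# Added example (not from the original post). Run in an elevated session on
# the Windows Server 2012 R2 host. Addresses and names are placeholders.
$azureGwIp   = '198.51.100.20'   # public IP of the Azure virtual network gateway
$azureSubnet = '10.1.0.0/16'     # address space of the Azure virtual network
$ifName      = 'Azure'           # name of the demand-dial interface

# Prompt for the PSK so that it is not stored in the script file.
$psk = Read-Host -Prompt 'Pre-shared key'
if ($psk -notmatch '^[A-Za-z0-9]+$') {
    throw 'The PSK must contain only letters and digits.'
}

# Routing and Remote Access role services, configured for site-to-site VPN.
Install-WindowsFeature -Name DirectAccess-VPN, Routing -IncludeManagementTools
Install-RemoteAccess -VpnType VpnS2S

# Demand-dial interface: IKEv2, PSK authentication, persistent connection.
# -IPv4Subnet takes "prefix:metric" and creates the static route to Azure.
Add-VpnS2SInterface -Name $ifName -Destination $azureGwIp -Protocol IKEv2 `
    -AuthenticationMethod PSKOnly -ResponderAuthenticationMethod PSKOnly `
    -SharedSecret $psk -IPv4Subnet "${azureSubnet}:100" -Persistent

# Bring the tunnel up and confirm its state.
Connect-VpnS2SInterface -Name $ifName
Get-VpnS2SInterface -Name $ifName | Format-List Name, Destination, ConnectionState
```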

Back in the virtual network gateway in the Azure portal, the connection has changed state: it is now Connected.

Data is already being exchanged between the two sites. Click on the connection to get more information.

I have created a virtual machine in Azure using the virtual network created earlier, and it is possible to connect (Remote Desktop) to this virtual machine from my on-premises 2012 R2 VM. Thus, it would be possible to access any other resource using the virtual network in Azure.
