S2S VPN Configuration To configure an S2S VPN tunnel using Azure VPN Gateway, we will use a Windows server with RRAS features installed. This will work as the equivalent of an on-premises appliance that would typically run a persistent connection with the VPN gateway. An S2S tunnel is typically designed to be persistent: Figure 17.29 […]
VNet to VNet connections – Integrating On-Premises Networks with Azure
VNet to VNet connections Configuring a VNet-to-VNet connection is a simple way to connect VNets. Connecting a virtual network to another virtual network is similar to creating an S2S IPSec connection to an on-premises environment. Both the connection types use Azure VPN Gateway. The VPN gateway provides a secure tunnel IPsec/IKE and they communicate in […]
Azure Virtual WAN – Integrating On-Premises Networks with Azure
Azure Virtual WAN Azure Virtual WAN provides a mechanism for a managed hub-and-spoke network within Azure. It consolidates all your endpoint connection types into a single service that simplifies the management of your complex networks and enables transitive network functionality. The following diagram shows an illustration of the various interconnections that may be employed in […]
Creating a VPN Site – Integrating On-Premises Networks with Azure
Creating a VPN Site In this exercise, you will create your first VPN site for the Virtual WAN: 4. Enter the following details and click Next : Review + create >. Here, Link Speed refers to the speed in MBps of the line, and Link IP address/FQDN is your VPN server/NVA device that you are […]
Connect to your VPN site – Integrating On-Premises Networks with Azure
Connect to your VPN site Now that your site is connected to the hub, you can connect to this using your VPN server: Figure 17.41 – Gateway scale units Figure 17.42 – Public IP Address Figure 17.43 – Static route Figure 17.44 – IKEv2 key Figure 17.45 – RRAS VPN connection You have now experienced […]
Network Watcher – Monitoring and Troubleshooting Virtual Networking
Network Watcher Azure Network Watcher is a network monitoring solution that provides tools to diagnose, monitor, and view metrics and logging for resources in an Azure virtual network. This includes application gateway traffic, load balancers, and ExpressRoute circuits. Azure Network Watcher offers the following capabilities: Network Watcher will be automatically enabled when a new virtual […]
Network diagnostic tools – Monitoring and Troubleshooting Virtual Networking
Network diagnostic tools There are several network diagnostic tools presented to you in Network Watcher. You can, for instance, diagnose network traffic filteringfor VMs, determine the next hop of your traffic on route to an intended destination, or even identify why a VM is unable to communicate with other resources because of a security rule. […]
Effective security rules – Monitoring and Troubleshooting Virtual Networking
Effective security rules This is usedto determine the overall effective security rules applied to your VM and will combine all relevant NSG rules together to display the net rule effect. This can be extremely helpful when assessing why your traffic is blocked and where you have several NSGs. VPN troubleshoot This isused when there are […]
Configuring Network Watcher – Monitoring and Troubleshooting Virtual Networking
Configuring Network Watcher Now that you understand what Network Watcher is, we will explore in the following sections how to configure and use the various components available to the service. Network resource monitoring In this demonstration, we are going to monitor the network on VMs. For this demonstration, create three Windows Server 2016 data center […]
Enabling Network Watcher – Monitoring and Troubleshooting Virtual Networking
Enabling Network Watcher To enable Network Watcher in a specific region, take the following steps: Figure 18.9 – Selecting All Services Figure 18.10 – Selecting network watcher Figure 18.11 – Selecting your Network Watcher Top Tip Note that upon deploying your first VNet in an Azure region, Azure will automatically create the associated NetworkWatcher_ resource. […]