VNet to VNet connections – Integrating On-Premises Networks with Azure

VNet to VNet connections

Configuring a VNet-to-VNet connection is a simple way to connect VNets. Connecting a virtual network to another virtual network is similar to creating an S2S IPSec connection to an on-premises environment. Both the connection types use Azure VPN Gateway. The VPN gateway provides a secure tunnel IPsec/IKE and they communicate in the same way. The difference is in the way the local network gateway is configured.

When you create a VNet-to-VNet connection, the local network gateway address space is automatically created and populated. If you update the address space for one VNet, the other VNet automatically routes to the updated address space. This makes it faster and easier to create a VNet-to-VNet connection than an S2S connection.

Top Tip

To create a VNet-to-VNet connection from the Azure portal, you can refer to the following tutorial: https://docs.microsoft.com/en-us/ azure/vpn-gateway/vpn-gateway-howto-vnet-vnet-resource-manager-portal.

Create and configure Azure ExpressRoute

In the following exercise, we will explore the creation of an ExpressRoute circuit. We will only emulate the deployment as it typically includes involvement from a provider with a corresponding circuit configuration at the edge to join Azure:

1. Create a resource group named AZ104-ExpressRoute in West Europe.
2. Click in the search bar at the top of the Azure screen and type express route, and then press Enter/Return. Click ExpressRoute circuits from the options that appear:

Figure 17.32 – Deploying an ExpressRoute circuit

3. Enter the following and click Next : Configuration >:

• Subscription: Select your Azure subscription.

• Resource Group: AZ104-ExpressRoute.

• Region: West Europe (or select what you prefer).

• Name: az104expressroute.

4. Depending on how you have procured your ExpressRoute circuit, this will determine what options you select next. Since this demonstration will not really be an ExpressRoute connection, we will configure it as follows and click Review + create:

• Port Type: Provider.

• Create new or import from classic: Create new.

• Provider: Select a provider.

• Peering Location: Select a location.

• Bandwidth: 200Mbps.

• SKU: Standard.

• Billing model: Metered.

• Allow classic operations: No.

Figure 17.33 – ExpressRoute configuration

5.   Click Create.

For the completion of setting up an ExpressRoute circuit connection, you will need to contact your ExpressRoute provider and confirm the circuit numbers as part of your deployment. You will provide them with the service key associated with the circuit you have deployed in Azure.

For additional reading and guidance on the deployment steps, you can read these articles:

• ExpressRoute overview: https://docs.microsoft.com/en-us/azure/ expressroute/expressroute-introduction

• Create and modify an ExpressRoute circuit: https://docs.microsoft. com/en-us/azure/expressroute/expressroute-howto-circuit-portal-resource-manager

Now that you understand how to configure an ExpressRoute circuit, you can feel confident in starting the deployment in your organization. Next, we will explore Azure Virtual WAN.