Azure site-to-site VPN connection—Part 1: Create the virtual network

• Author
• Recent Posts

Mohamed Wali

Mohamed is a cloud infrastructure expert with experience in engineering and implementation in AWS and Azure. He currently works as a Cloud Infrastructure Architect at Amazon Web Services.

Latest posts by Mohamed Wali (see all)

• EC2 Image Builder: Build your golden VM images on AWS - Wed, Jan 19 2022
• Configuring DFS Namespaces for Amazon FSx for Windows file servers - Fri, Jan 7 2022
• AWS Systems Manager Session Manager: Securely connect EC2 instances - Wed, Dec 22 2021

Basically, site-to-site VPN aims to extend your on-premises environment to Azure when you want to follow the hybrid cloud model, where you have some applications running on premises and some applications running on Azure. Also, you might plan to build your disaster recovery site on Azure, and in this scenario, you have to build a site-to-site VPN connection with Azure.

Create a virtual network

First off, you need to have a virtual network dedicated to the workloads and applications that would communicate with the on-premises environment. To build your virtual network, you have to follow the next steps:

1. Navigate to Azure Portal, open the Virtual Networks blade, and click Add.
2. This will take you to a new blade that needs the following fields:
   1. 1. Name: The name of the virtual network.
      2. Address space: The virtual network's address range in classless inter-domain routing (CIDR) notation.
      3. Subscription: The subscription for charging the virtual network usage.
      4. Resource group: The resource group in which the virtual network will exist.
      5. Location: The location for building the virtual network.
      6. Subnet name: The name of the first subnet in the network.
      7. Address range: The address range of the subnet.
   

   Creating an Azure virtual network

3. Click Create. After a short time this will create the virtual network.

Configure virtual network subnets

As you have seen in the virtual network creation, I've configured the first subnet in the virtual network. However, we need to add a gateway subnet to use for the virtual network gateway. Therefore, you will have to navigate to the virtual network already created. Under Settings, click on Subnets.

Azure virtual network subnets

1. Click +Gateway subnet to add a gateway subnet.
2. This will take you to a new blade where you have to specify the address range of the gateway subnet, and then click OK
   

   Adding a gateway subnet

3. Clicking on OK will create and associate the gateway subnet to the virtual network.

In my next post, we will configure the Azure VPN and the local VPN.