How to Create a Site 2 Site Azure VPN

One of the first steps when moving from on-premises infrastructure to the cloud is establishing a VPN between the two. While you could open your Azure cloud infrastructure to the whole internet, this comes with many risks and is not recommended unless it is by design and the necessary security controls are in place to secure access.

A site-to-site Virtual Private Network (VPN) between your office and Azure is much more secure. It is also not too hard to do!

Setting Up The Azure VPN:

Prerequisites:

  • An existing Azure Virtual Network and Virtual Network Subnet

Instructions:

  1. Log into https://portal.azure.com and head over to the marketplace
  2. Search for ‘Virtual Network Gateway’ and create one
  3. Create the gateway with the following settings:
    • Virtual network = Create a Virtual Network or choose one
    • You will typically only need a network size of /29; you can go larger, but this is wasteful.
  4. Create a ‘Local Network Gateway’ from the marketplace with the following settings:
    • Name = Give this the name of the site you are connecting, e.g. Melbourne office
    • IP Address = This is the public IP of your office router
  5. Head back to your Azure Dashboard and open the Virtual Network Gateway you created earlier
  6. Click on Connections, then Add
  7. Enter the details as follows:
    • Local Network Gateway = Choose the one created in Step 4
  8. Once the connection has been added, open it and click Download configuration
  9. For this example I have downloaded a Cisco IOS-based configuration
  10. Edit the downloaded *.txt file as required for your network and apply it to your router
  11. All done
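
Before the edited file from step 10 goes onto the router, it is worth reading its crypto settings. The following is an added example, not part of the original article or of Azure's tooling: a small Python check that flags legacy IKE/IPsec algorithms and a short pre-shared key in a Cisco IOS-style configuration. The sample configuration, the legacy lists and the 20-character minimum are assumptions constructed for illustration; a real download may differ.

```python
# Added example: review a VPN device configuration before applying it.
# The legacy lists and minimum key length are assumptions of this example.
LEGACY = {
    "encryption": {"des", "3des"},
    "integrity": {"md5", "sha1"},
    "group": {"1", "2", "5"},
}
LEGACY_ESP = {"esp-des", "esp-3des", "esp-md5-hmac", "esp-sha-hmac"}
MIN_PSK_LEN = 20


def review_ios_config(text):
    """Return (line_number, finding) tuples for settings worth changing."""
    findings = []
    for number, raw in enumerate(text.splitlines(), 1):
        words = raw.split()
        if not words or words[0].startswith("!"):
            continue  # blank line or IOS comment
        keyword = words[0]
        if keyword in LEGACY:
            for value in words[1:]:
                if value in LEGACY[keyword]:
                    findings.append((number, f"legacy {keyword} {value}"))
        elif words[:3] == ["crypto", "ipsec", "transform-set"]:
            for value in words[4:]:  # skip the transform-set name
                if value in LEGACY_ESP:
                    findings.append((number, f"legacy transform {value}"))
        elif keyword == "pre-shared-key" and len(words[-1]) < MIN_PSK_LEN:
            # Report the length only, so the secret never reaches logs.
            findings.append((number, f"pre-shared key under {MIN_PSK_LEN} chars"))
    return findings


# Constructed sample; the address is from a documentation range.
SAMPLE = """\
crypto ikev2 proposal azure-proposal
 encryption aes-cbc-256 3des
 integrity sha1
 group 2
crypto ikev2 keyring azure-keyring
 peer 203.0.113.10
  address 203.0.113.10
  pre-shared-key Melbourne1
crypto ipsec transform-set azure-set esp-aes 256 esp-sha-hmac
"""

if __name__ == "__main__":
    for number, finding in review_ios_config(SAMPLE):
        print(f"line {number}: {finding}")
```

If the file carries the pre-shared key, store and transfer it as a secret rather than as an ordinary text file.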

As always, if you require any assistance, please reach out to us.