ExpressRoute – Integrating On-Premises Networks with Azure

2021-05-102021-05-10| Zoe PetersonExpressRoute – Integrating On-Premises Networks with Azure| 0 Comment| 10:06 AM
Categories :

ExpressRoute

ExpressRoute offers a private connection that is facilitated by a connectivity provider. ExpressRoute connections don’t go over the public internet, but they use a more reliable connection. These types of connections offer lower latencies, higher security, and faster speeds than connections that go over the internet. You can use it to extend your on-premises networks to Azure and Office 365. Connections can be made from an any-to-any (IP VPN) network, a virtual cross-connection at a co-location facility, and a point-to-point Ethernet network connection.

ExpressRoute uses a virtual network gateway, which is configured with a gateway type of ExpressRoute instead of a VPN. By default, the traffic is not encrypted, but you can create a solution that encrypts the traffic that goes over the ExpressRoute circuit.

The following diagram shows an ExpressRoute connection from an on-premises environment to Azure:

Figure 17.4 – ExpressRoute VPN tunnel

Now that we have looked at the different types of VPN connections you can configure, we are now going to create and configure an Azure VPN gateway.

Creating and configuring an Azure VPN gateway

In the upcoming sections, we are going to configure an Azure VPN gateway, configure an S2S VPN, and verify the connectivity between Azure and the on-premises environment.

We are going to use Windows Server 2019 with the Routing and Remote Access Service (RRAS) enabled to serve as the compatible VPN device that is installed on theon-premises environment.

Creating and configuring an Azure VPN gateway To create a VPN gateway, you can perform the following steps to follow along in our example:

  1. Create a new resource group named AZ104-VPNGateway.
  2. Click + Create on the Overview screen for the resource group.
  3. Type vpn gateway in the search bar and press the Enter/Return key. Click Virtual network gateway from the options that are returned:

Figure 17.5 – Choosing VPN gateway

  1. Click Create.
  2. Enter the following and click Review + create:
  • Subscription: Select your Azure subscription.
  • Name: az104gateway.
  • Region: West Europe (or select what you prefer).
  • Gateway type: VPN.
  • VPN type: Route-based.
  • SKU: Basic.
  • Generation: Generation1.
  • Virtual network: Use an existing VNet or create a new one named az104gatewayvnet.
  • Public IP address: Create new.
  • Public IP address name: az104gatewayip.
  • Public IP address SKU: Basic.
  • Assignment: Dynamic.
  • Enable active-active mode: Disabled.
  • Configure BGP: Disabled.

6. The creation of the resource takes about 45 to 60 minutes so it’s a good time to grab some coffee and reflect on your learnings so far.

You have now deployed a VPN gateway. Next, we will explore the creation of an S2S VPN connection using the Gateway service. First, we will need a VM to act as the VPN server.
 
 
 

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Post

S2S VPN connections – Integrating On-Premises Networks with Azure

2021-06-152021-06-15 Zoe PetersonS2S VPN connections – Integrating On-Premises Networks with Azure

S2S VPN connections An S2S VPN gateway connection is a connection over an IPsec/IKE (IKEv1 [...]

Read MoreRead More

Creating NSG rules – Securing Access to Virtual Networks

2024-05-202024-05-20 Zoe PetersonCreating NSG rules – Securing Access to Virtual Networks

Creating NSG rules Now that we have associated the NSG with its default rules with [...]

Read MoreRead More

Creating the load balancer – Configuring Load Balancing

2023-03-052023-03-05 Zoe PetersonCreating the load balancer – Configuring Load Balancing

Creating the load balancer Now, we can create the load balancer using the Azure portal [...]

Read MoreRead More