Introduction
This article shows you how to use the Azure portal to create a Site-to-Site VPN gateway connection and Deploy a VPN gateway appliance from your Alibaba Cloud portal and connect it to the VNet.
This guide will provide quick steps to configure Site-to-Site.
On Azure:
1. Create a virtual network
To create a VNet in the Resource Manager deployment model by using the Azure portal, follow the steps below.
1. From a browser, navigate to the Azure portal and sign in with your Azure account.
2. Click New. In the Search the marketplace field, type 'virtual network'. Locate Virtual network from the returned list and click to open the Virtual Network page.
3. Near the bottom of the Virtual Network page, from the Select a deployment model list, select Resource Manager, and then click Create. This opens the 'Create virtual network' page.
1. From a browser, navigate to the Azure portal and sign in with your Azure account.
2. Click New. In the Search the marketplace field, type 'virtual network'. Locate Virtual network from the returned list and click to open the Virtual Network page.
3. Near the bottom of the Virtual Network page, from the Select a deployment model list, select Resource Manager, and then click Create. This opens the 'Create virtual network' page.
2. Create the gateway subnet
- In the portal, navigate to the virtual network for which you want to create a virtual network gateway.
- In the Settings section of your VNet page, click Subnets to expand the Subnets page.
- On the Subnets page, click +Gateway subnet at the top to open the Add subnet page.
- The Name for your subnet is automatically filled in with the value 'GatewaySubnet'. The GatewaySubnet value is required in order for Azure to recognize the subnet as the gateway subnet. Adjust the auto-filled Address range values to match your configuration requirements.
- To create the subnet, click OK at the bottom of the page.
3. Create the VPN gateway
- On the left side of the portal page, click + and type 'Virtual Network Gateway' in the search box. In Results, locate and click Virtual network gateway.
- At the bottom of the 'Virtual network gateway' page, click Create. This opens the Create virtual network gateway page.
- On the Create virtual network gateway page, specify the values for your virtual network gateway.
4. Create the local network gateway
The local network gateway typically refers to your on-premises location. But here we are connecting to Alibaba cloud VPN gateway appliance. So You give the site a name by which Azure can refer to it, then specify the IP address of the Alibaba cloud VPN device to which you will create a connection.
Create the VPN connection
Create the Site-to-Site VPN connection between your virtual network gateway and your Alibaba cloud VPN device.
- Navigate to and open the blade for your virtual network gateway. There are multiple ways to navigate. In our example, we navigated to the gateway 'VNet1GW' by going to TestVNet1 -> Overview -> Connected devices -> VNet1GW.
- On the blade for VNet1GW, click Connections. At the top of the Connections blade, click +Add to open the Add connection blade.
Configuration of the Alibaba Cloud Portal
Login to you Alibaba Cloud Portal and open another browser tab. Look for Alibaba cloud marketplace.
Go to the search space at right-hand corner and find “FlexGW IPsec VPN on CentOS”
Deploy the appliance as an instance in the default VPC.
Once deployed, reset the password and restart the VM.
Navigate to IPSEC VPN and click on create a tunnel.
Make sure the PSK (Shared Key) is same on both the sides.
Click on Save and it should start connecting to the Azure VPN gateway and you should be able to see the status as below
On Azure Portal:
To test it further, you can deploy a virtual machine on both sides and do a ping test.
I deployed an Ubuntu VM on Azure and on Alibaba.
The virtual machine on Azure with the below private IP:
Virtual Machine on Alibaba with its private IP:
Note: the catch is since, on Alibaba Cloud we have deployed VPN GW as an instance, we have to make sure the “Route Entry” is added to use the ECS instance to reach a particular CIDR.
And there you go:
Ping from Alibaba to Azure
Thank you for reading
ReplyDeleteThank you for sharing very useful blog!!!!
azure devops training in ameerpet
azure devops online training
Azure devops training
Wow! This could be one of the most useful blogs we have ever come across on thesubject. Actually excellent info! I’m also an expert in this topic so I can understand your effort. 13377x
ReplyDeleteThere are too many environments and moments where you need a VPN, but to make some understanding of VPN usage, I will explain the most common reasons where many people are using it daily.
ReplyDeleteReason Where You Need a VPN
this is really nice to read..informative post is very good to read..thanks a lot! vpn free
ReplyDeleteI can’t imagine focusing long enough to research; much less write this kind of article. You’ve outdone yourself with this material. This is great content. แทงหวยออนไลน์
ReplyDeleteThank you so much as you have been willing to share information with us. We will forever admire all you have done here because you have made my work as easy as ABC. หวยยี่กี
ReplyDeleteI cant getting to work on centering long sufficient to explore; parcels less compose this blushing of article. Youve outshone your self as fast as this material truely. it's miles quite possibly of the best happy. Facebook Account Hacker Software Free Download
ReplyDeleteEngaging, articulate. I just found your blog and wanted to spread the word about that I have inclined toward surfing your weblog posts. After every, I can buy into your feed, and that I reason you will compose inside the lower back again soon! Imazing Full Crack
ReplyDeleteSunday is a time when you sit back and reflect on all the blessings that you have received. Smile at all the good things that you are enjoying. Sunday Quotes
ReplyDelete