A VPN Tunnel is an encoded connection or a encrypted path way between two different organizations or networks. This private tunnel can give an approach to cloak online activities.
Pre-requisites :
- Two virtual networks with different Address spaces in different regions.
- A virtual machine in each virtual network.
- In the following scenario,
| VIRTUAL NETWORK-1 | VIRTUAL NETWORK-2 | |
| Virtual network name | v-net-1 | v-net-2 |
| Address space | 10.0.0.0/16 | 192.168.0.0/16 |
| Subnet | default (10.0.0.0/24) | default (192.168.0.0/24) |
| Virtual machine | cm-1 | cm-2 |
| Private IP | 10.0.0.4 | 192.168.0.4 |
| Region | East-US | Central-India |
Procedure :
- Create a gateway subnet in both the virtual networks. //
Home > Virtual Networks > Select the virtual network > Subnets > Gateway subnet Specify the IP Address range > OK.Carry out the same procedure for the both networks.- Create Virtual network gateways for both the virtual networks, which acts as the gateway for the traffic incoming and outgoing.
Home > Virtual network gateways > Add > type a valid vgn name (vgn-1) > select the virtual network (v-net-1) > make sure the region is same as that of v-net (v-net-1) > create a new public ip (pip-vgn-1) > review and create. Note : A valid amount of time is taken to get vgn created.- Create a second virtual network gateway (vgn-2) for the second virtual network (v-net-2) along side with public IP (pip-vgn-2) for the gateway in the similar process in the same region that of the virtual network (v-net-2).
Configuring VGN :
- After successful creation of the virtual network gateways resources, go to the first virtual network gateway (vgn-1)
Home > Virtual network gateways > connections > Add.- Give a valid name and select the second virtual network gateway (vgn-2) and give a pre shared key as shown below.
- The given shared key is used to establish connection from the other end.
- Dive back to the second virtual network gateway (vgn-2) and establish a connection to the first virtual network gateway.
- Home > Virtual network gateway > select the second virtual network gateway (vgn-2) > Connections > Add > create the connection with the same pre shared key.
Note : It takes a few minutes to get the status change from unknown to connected.
Configure the security rules :
- Configure the security rules of the virtual machines such that the incoming traffic is allowed from the other virtual network as shown below (if required).
- Similarly configure the security groups of other virtual machine to allow the required traffic from the other virtual network gateway.
- Check the connection by pinging the private ip of the opposite virtual machine.
Akhil's Blog 