Posted in Active Directory, AWS, Azure, Windows

VPN TUNNEL (AWS-AZURE) V-NET

Pre-requisites :

  • Two virtual networks with different Address spaces in different cloud platforms.
  • A virtual machine in each virtual network.
  • The following scenario is used throughout:

                          AZURE V-NET               AWS V-NET
    Virtual network name  vnet-Azure                vnet-Aws
    Address space         10.0.0.0/16               192.168.0.0/16
    Subnet                su-1 (10.0.1.0/24)        su-1-aws (192.168.1.0/24)
    Virtual machine       azure-server              aws-server
    Private IP            10.0.1.4                  192.168.1.214
    Region                East-US                   N.Virginia
    Domain                akhil.com

Procedure :

Azure

  • Create a gateway subnet in the virtual network. // Home > Virtual Networks > Select the virtual network > Subnets > Gateway subnet
  • Specify the IP address range > OK. Carry out the same procedure for both networks.
  • Create virtual network gateways for both virtual networks; these act as the gateway for incoming and outgoing traffic.
  • Home > Virtual network gateways > Add > type a valid VNG name (vng-azure) > select the virtual network (vnet-Azure) > make sure the region is the same as that of the v-net (vnet-Azure) > create a new public IP (pip-azure-vng) > review and create. Note: creating the virtual network gateway takes a considerable amount of time.

AWS

  • Create a customer gateway (cg-aws) that communicates with the Azure virtual network gateway.
  • VPC > Virtual private network > Customer gateways > Create customer gateway and enter the public IP of the Azure virtual network gateway (pip-azure-vng).
  • Create a virtual private gateway (vpn-aws) in VPC > Virtual private network > Virtual private gateways > Create virtual private gateway.
  • Select the virtual private gateway (vpn-aws) > Actions > Attach to VPC > select the VPC > Create.
  • Create the VPN connection (tunnel-aws-azure) in VPC > Virtual private network > Site-to-site VPN connections > Create VPN connection > select the virtual private gateway (vpn-aws) > select the customer gateway (cg-aws) > routing option (static) > enter the Azure address space as the IP CIDR > Create VPN connection.

Azure

  • Select the VPN connection (tunnel-aws-azure) > Tunnel details > copy the outside IP of tunnel-1.
  • Open Azure > Local network gateways > create a local network gateway (lng-aws) > paste the public IP address of tunnel-1 > enter the address space of the AWS VNet (vnet-Aws).
  • Create the connection (aws-tunnel-1) between the cloud platforms in Home > Virtual network gateways > select the virtual network gateway (vng-azure) > Connections > Add > connection type (Site-to-site (IPsec)) > select the local network gateway (lng-aws) > paste the pre-shared key (PSK) from the downloaded configuration text file.

AWS

  • VPC > Route tables > select the route table attached to the VPC > Routes > Edit routes > Add route > destination IP CIDR (the Azure address space) > target: virtual private gateway (vpn-aws).
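
The two things that most often break a static site-to-site setup like the one above are overlapping address spaces and a route that points at the wrong side's CIDR. The following script is an added example (not part of the original post) that checks the address plan from the scenario table with Python's standard ipaddress module: it confirms the two address spaces are disjoint, picks a free block for the Azure gateway subnet (the /27 size is an assumed default, not from the post), and prints which CIDR each side's static route must carry.

```python
import ipaddress
from typing import Dict, List

# Values constructed from the scenario table in this post.
AZURE_VNET = "10.0.0.0/16"                  # vnet-Azure
AZURE_SUBNETS = ["10.0.1.0/24"]             # su-1
AWS_VPC = "192.168.0.0/16"                  # vnet-Aws
AWS_SUBNETS = ["192.168.1.0/24"]            # su-1-aws

net = ipaddress.ip_network   # accepts "a.b.c.d/n" strings or network objects

def address_spaces_disjoint(a, b) -> bool:
    """Prerequisite check: overlapping address spaces make the static routes
    below ambiguous, so traffic never crosses the tunnel."""
    return not net(a).overlaps(net(b))

def pick_gateway_subnet(vnet, used_subnets, prefixlen=27) -> str:
    """First /prefixlen block inside `vnet` that does not collide with an
    existing subnet: the range typed under 'Gateway subnet' in the Azure
    portal (prefixlen 27 is an assumed default, not from the post)."""
    used = [net(s) for s in used_subnets]
    for candidate in net(vnet).subnets(new_prefix=prefixlen):
        if not any(candidate.overlaps(s) for s in used):
            return str(candidate)
    raise ValueError(f"no free /{prefixlen} left in {vnet}")

def static_routes(azure_vnet, aws_vpc) -> Dict[str, str]:
    """Each side routes the REMOTE range to its gateway: the Azure local
    network gateway (lng-aws) carries the AWS space, and the AWS route table
    sends the Azure space to the virtual private gateway (vpn-aws)."""
    return {
        "azure_lng_address_space": str(net(aws_vpc)),
        "aws_route_destination": str(net(azure_vnet)),
    }

def validate_plan(azure_vnet, azure_subnets, aws_vpc, aws_subnets) -> List[str]:
    """Collect every problem with the address plan; an empty list is sound."""
    problems = []
    if not address_spaces_disjoint(azure_vnet, aws_vpc):
        problems.append(f"address spaces overlap: {azure_vnet} and {aws_vpc}")
    for s in azure_subnets:
        if not net(s).subnet_of(net(azure_vnet)):
            problems.append(f"Azure subnet {s} lies outside {azure_vnet}")
    for s in aws_subnets:
        if not net(s).subnet_of(net(aws_vpc)):
            problems.append(f"AWS subnet {s} lies outside {aws_vpc}")
    return problems
```

Run `validate_plan(AZURE_VNET, AZURE_SUBNETS, AWS_VPC, AWS_SUBNETS)` before clicking through the portals; for the scenario above it returns an empty list, and `static_routes` gives the CIDR to type into lng-aws and into the AWS route table.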

Status of tunnel :

The status of the tunnel can be verified in both the Azure and AWS portals:

  • In Azure: Home > Virtual network gateways > virtual network gateway (vng-azure) > Connections
  • In AWS: VPC > Virtual private network > Site-to-site VPN connections > select the VPN connection > Tunnel details

Author:

I'm currently working as a cloud migration consultant at Deloitte. My days are primarily spent on cloud with a high focus on migrations and GCP management. In my downtime I prefer to be a 3D designer.