DEV Community

Cover image for Site-To-Site VPN connection in the Azure portal
Surya Shankar
Surya Shankar

Posted on • Edited on

Site-To-Site VPN connection in the Azure portal

Site-to-site VPN is a type of VPN connection that is created between two separate network locations. It provides the ability to connect geographically separate locations or networks, usually over the public internet connection or a WAN connection.

Step 1 - Verify your Virtual Networks

In the Azure Portal, click the “Virtual Networks” and create

Image description
Image description

Step 2 - Creating a Gateway Subnet

Now, we have to create a Gateway subnet. So, select “Subnets” and then click “+ Gateway Subnet”.
Now, we need to enter the address range (CIDR block) and click “Ok”. The Gateway Subnet is an internal gateway in this network that Azure can use to route traffic back to your on-premises environment.

Image description

Step 3 - Creating Virtual Network Gateway

We need to create a Virtual Network Gateway that will become the endpoint to your connections.

Image description

Go to “+ Create a resource”, start typing “Virtual network gateway”, and select it to begin configuring.

Now, we need to fill the instance information.
Name: S2SVNGW
Gateway Type: VPN
VPN Type: Router-based
SKU: VpnGw1
Enter fullscreen mode Exit fullscreen mode

Image description

Virtual Network:(Our Azure Local Virtual Network)
Public IP Address: Create New
Public IP Address Name: S2SVPNGWIP (In the demo, we can use this name as our Public IP)
Enable Active-Active mode: Disable
Configure BGP ASN: Disable
Enter fullscreen mode Exit fullscreen mode

Image description
Image description
Click the “Create + Review” button to start the process. It will take more minutes to finish the process.

Step 4 - Creating Local Network Gateway

In this step, we need to create a “Local Network Gateway”. This represents our local on-premises networks. This Gateway shows our on-premises information so that Azure knows where our on-premises are running.
Now, we need to fill our correct information.

Name: S2SLNGW
IP Address: 103.59.187.18 – Azure IP Address
[In real situation you have to specify the Static IP address of the on-premises server or the Fully Qualified Domain Name]
Address Space: 192.168.1.0/24 – LAN IP Address Range
Enter the other necessary information and click “Create”.
Enter fullscreen mode Exit fullscreen mode

Image description
Image description

Step 5 - Creating a Connection

The connection is represented to connect Virtual Network Gateway and Local Network Gateway.

Image description

Connection Type: Site-to-Site (IPsec)
Click the “OK” button to finish the basic information.
Enter fullscreen mode Exit fullscreen mode
In the Virtual Network Gateway, choose the Gateway that we have already created
In the Local Network Gateway, choose the Gateway that we have already created
Enter fullscreen mode Exit fullscreen mode

Image description

In the Connection Name, it assigns the name itself. If we need to change the name we can do it. Now, we need to assign the Shared Key (PSK) for Secure VPN connection.

Image description

After successfully completing the steps you will find a configuration file. Download this and send the text file to the network engineers on the other side

Image description

After that, we can verify our VPN status in the Connection settings.

It Will show VPN Status is “Connected” and we can verify the Peer 1 and Peer 2.

Top comments (0)