How to Connect Azure Virtual Networks via VPN

I'm stuck inside all afternoon due to some unseasonable February thunderstorms so I figured I'd write up the process I followed to deploy a few virtual networks in Azure and connect them with a VPN. This is a great exercise for anyone trying to get familiar with the Azure Resource Manager interface and with how connectivity works within Azure.

Before deploying my networks, I went ahead and provisioned a Resource Group called NetworkLab. I did this so I could keep all of my lab resources in one place. This makes it far easier to delete all of my lab resources in one fell swoop when I'm all done.

After deploying the NetworkLab resource group, I went ahead and deployed the first virtual network in my lab environment and called it vNet1. I gave vNet1 an address space of 10.5.0.0/16 and defined a single subnet with an address range of 10.5.1.0/24 and called the subnet vNet1-Subnet1. All resources were placed in the NetworkLab resource group.

Once the first virtual network was deployed, I provisioned a second virtual network, named it vNet2, and configured an address space of 192.167.0.0/16. Within this new virtual network, I provisioned a single subnet with an address range of 192.167.1.0/24 and called the subnet vNet2-Subnet1. As was the case with the first virtual network, I made sure all resources for this network were deployed to the NetworkLab resource group.

At this point, I had two disparate virtual networks that I wanted to connect via a site-to-site VPN. However, before connecting them with the VPN, I needed to deploy a couple subnet gateways (one for each virtual network) and a few Virtual Network Gateways (which are used to connect two virtual networks in Azure). To address these requirements, I provisioned a gateway subnet on vNet1 and gave it an address range of 10.5.2.0/4. On vNet2, I provisioned a subnet gateway with an address range of 192.167.2.0/24.
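An address plan like this one can be checked offline before any gateway is deployed. The following is an added example, not part of the original post: it uses Python's standard `ipaddress` module to test the ranges listed above for host-bit errors, containment in the parent address space, overlap, and RFC 1918 membership. The `PLAN` structure, its labels and the `check_plan` name are this example's own.

```python
import ipaddress
from itertools import combinations

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Address plan exactly as written in the post (labels are this example's own).
PLAN = {
    "vNet1": ("10.5.0.0/16", {"vNet1-Subnet1": "10.5.1.0/24",
                              "gateway subnet": "10.5.2.0/4"}),
    "vNet2": ("192.167.0.0/16", {"vNet2-Subnet1": "192.167.1.0/24",
                                 "gateway subnet": "192.167.2.0/24"}),
}


def check_plan(plan):
    """Return a list of findings; an empty list means the plan is consistent."""
    findings = []
    spaces = {}
    for vnet, (space, subnets) in plan.items():
        spaces[vnet] = net = ipaddress.ip_network(space)
        if not any(net.subnet_of(p) for p in RFC1918):
            findings.append(f"{vnet}: {net} is not RFC 1918 private space")
        parsed = {}
        for name, cidr in subnets.items():
            try:
                sub = ipaddress.ip_network(cidr)  # strict: host bits must be 0
            except ValueError:
                sub = ipaddress.ip_network(cidr, strict=False)
                findings.append(f"{vnet}/{name}: {cidr} has host bits set "
                                f"(normalizes to {sub})")
            if not sub.subnet_of(net):
                findings.append(f"{vnet}/{name}: {sub} is outside {net}")
            parsed[name] = sub
        for (a, x), (b, y) in combinations(parsed.items(), 2):
            if x.overlaps(y):
                findings.append(f"{vnet}: {a} overlaps {b}")
    # Networks joined by a VPN need disjoint address spaces to route.
    for (a, x), (b, y) in combinations(spaces.items(), 2):
        if x.overlaps(y):
            findings.append(f"{a} and {b} address spaces overlap")
    return findings


if __name__ == "__main__":
    for line in check_plan(PLAN):
        print(line)
```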


Thomas Mitchell

Tom is a 20+ year veteran of the IT industry and carries numerous Microsoft certifications, including the MCSE: Cloud Platform and Infrastructure certification. A Subject Matter Expert in Active Directory and Microsoft Exchange, Tom also possesses expert-level knowledge in several other IT disciplines, including Azure, Storage, and O365/Exchange Online. You can find Tom at his website, on LinkedIn, or on Facebook. Need to reach him by phone? Call 484-334-2790.