Microsoft Azure – How to Configure a VNet-to-VNet connection

In your infrastructure you will probably have a few virtual networks (VNETs). They might be premises sites or azure VNETs. You can connect these multiple VNETs to each other. Virtual network connectivity can be used simultaneously with multi-site VPNs, with a maximum of 10 VPN tunnels for a virtual network VPN gateway connecting to ether other virtual networks or on-premises sites.

What I have got here in my scenario is: 2 sites, one in US and one in Europe which we will create; (Basically 2 sites in 2 different regions). Connecting a virtual network to another virtual network (VNET-to-VNET) is very similar to connecting a virtual network to an on-premises site location.  A couple of different steps such as downloading the script created by Azure and running it on your on premises gateway device. Both connectivity types use a VPN gateway to provide a secure tunnel using IPsec/IKE.

Capture121

Let’s create these VNETS now;

Log in to the Azure Classic Portal (not the Azure Portal). In the lower left-hand corner of the screen, click New. In the navigation pane, click Network Services, and then click Virtual Network. Click Custom Create to begin the configuration wizard.

Captur

On the Virtual Network Details page, enter the VNET name and choose your location (region).

On the DNS Servers and VPN Connectivity page, enter your DNS server name and IP address. You are not going to create one. This is purely name resolution for this virtual network. And don’t click any boxes, leave them as they are.

Captu

On the Virtual Network Address Spaces page, specify the address range that you want to use for your virtual network. In my case for Us it will be 10.20.0.0 /16 .These are the dynamic IP addresses (DIPS) that will be assigned to the VMs and other role instances that you deploy to this virtual network. It’s especially important to select a range that does not overlap with any of the ranges that are used for your on-premises network. You will get error message informing you that you have chosen an overlapped network range. You can modify your subnet here and create other subnets for other services but for now these are not required.

Capt

 

Click on the to create it. Create another VNET following the steps above. I will choose 10.10.0.0 /16 and North Europe for my VNET-EU.

Capt1

 

Next we need to add local networks to these virtual networks. I will configure each VNET as a local network. Microsoft refers local networks as on premises network.

Capt12

 

In the lower left-hand corner of the screen, click New. In the navigation pane, click Network Services, and then click Virtual Network. Click Add Local Network

Capt23

 

On the Specify your local network details page, for Name, enter the name of a virtual network that you want to use in your VNet-to-VNet configuration. For this example, I’ll use VNET-EU, as we’ll be pointing VNET-US to this virtual network for our configuration.

For VPN Device IP Address, use any IP address. Typically, you’d use the actual external IP address for a VPN device. For VNet-to-VNet configurations, you will use the Gateway IP address. But, given that you haven’t created the gateway yet, I will use an IP address from my IP range for now. (10.10.0.50). I will then go back into these settings and configure them with the corresponding gateway IP addresses once Azure generates it. Do the same steps for VNET-US and choose 10.20.0.50

Next I will have to point each VNET to each other as Local Network. Go to Networks and then click on the first VNET and click Configure. Scroll down to Connection and tick the box for Connect to the Local Network and choose the other VNET under Local Network.

C

 

In the virtual network address spaces section on the same page, click add gateway subnet, then click the save icon at the bottom of the page to save your configuration.

C1

 

Repeat the step for VNET-US to specify VNET-EU as a local network.

Next step will be creating dynamic routing gateways for each VNET. On the Networks page, make sure the status column for your virtual network is Created.

C2

 

In the Name column, click the name of your virtual network.

On the Dashboard page, notice that this VNet doesn’t have a gateway configured yet. You’ll see this status change as you go through the steps to configure your gateway. At the bottom of the page, click Create Gateway. You must select Dynamic Routing.

C4

When the system prompts you to confirm that you want the gateway created, click Yes. Repeat the same steps for the other VNET. When your gateway is creating, notice the gateway graphic on the page changes to yellow and says Creating Gateway. It typically takes about 15-20 minutes for the gateway to create.

C5

After gateways created, they will be assigned IP addresses and we need to modify our Local Network IPs we assigned temporary when we added them to VNETs to these IPs.

C7

After everything has completed we will need to make sure each connection and both sides of the gateway are using the same PRESHARED KEY.

I will use Powershell to complete this part. First connect to your subscription’

p1

 

And then just check your VNET connections using Get-AzureVNetConnection

p2

 

Lastly run;

Set-AzureVNetGatewayKey -VNetName VNET-EU -LocalNetworkSiteName VNET-US -SharedKey 123456789

Set-AzureVNetGatewayKey -VNetName VNET-US -LocalNetworkSiteName VNET-EU -SharedKey 123456789

(Make sure for production environment you use much better shared keys)

p3

 

And you will see connection is successful.

Capture7777

Capture888

 

 

 

Cloud Certifications

There are lots of cloud certifications available out there. Some of them are really popular. I had a look at the various vendor websites and found out some of them ( There are a few in progress at the time of writing this);

Microsoft

Microsoft Cloud CertificationMicrosoft is one of the biggest players on the certifications markets. 20 years after creating first certifications, Microsoft had developed first cloud certification.

 

  • Microsoft Certified Solutions Expert (MCSE) Private Cloud
  • Microsoft Specialist certification in Office 365
  • Microsoft Certified Specialist Developing Microsoft Azure Solution
  • Microsoft Certified Specialist Implementing Microsoft Azure Infrastructure Solutions

 

 

Amazon AWS

Amazon AWSAmazon AWS has in the offer five certifications and works on new ones. At this moment you can pass exams on associate level for architects, developers and SysOps admins. Additionally there are two professional level cloud certifications.

 

  • AWS Certified Solutions Architect – Associate Level
  • AWS Certified Solutions Architect – Professional Level
  • AWS Certified Developer – Associate Level
  • AWS Certified SysOps Administrator – Associate Level
  • AWS Certified DevOps Engineer – Professional

VMware

VMware CloudVMware is still number one player in the virtualization market, but also with vCloud Director, they move to the cloud world. VMware presents also new certifications for Cloud experts. Two of them will be available soon

 

  • VMware Certified Associate – Cloud (VCA-Cloud)
  • VMware Certified Professional – Cloud (VCP-Cloud)
  • VMware Certified Advanced Professional – Cloud Infrastructure Design (VCAP-CID)
  • VMware Certified Advanced Professional – Cloud Infrastructure Administration (VCAP-CIA)
  • VMware Certified Design Expert – Cloud (VCDX-Cloud)

 

 

 

HP

HPHP has developed several certification for cloud specialists. You must provide more end-to-end architectural skills with these cloud certifications. These certification programs are connected with software and hardware from HP, but you can also find there many topics from the cloud theory.

 

  • HP Master ASE – Data Center and Cloud Architect
  • HP Master ASE – Software for Cloud Management
  • HP ASE – Cloud Integrator
  • HP ASE – Data Center and Cloud Architect
  • HP ASE – Software for Cloud Management
  • HP ATP – Cloud Administrator
  • HP ATP – Data Center and Cloud
  • HP ATA – Cloud
  • HP Master ASE – Data Center and Cloud Architect
  • HP ASE – Data Center and Cloud Architect
  • HP ATP – Data Center and Cloud
  • HP Master ASE – Software for Cloud Management
  • HP ASE – Software for Cloud Management
  • HP ATP – Cloud Service Automation
  • HP Master ASE – Data Center and Cloud Architect
  • HP ASE – Data Center and Cloud Architect
  • HP ATP – Data Center and Cloud
  • HP Technical Certified II – Software for Cloud Automation in SME
  • HP Technical Certified I – Implementing SaaS Solutions

 

IBM

IBMIBM has three certification for people who want to demonstrate their knowledge with the Cloud Computing infrastructure solutions.
One certification is focused on Tivoli systems, two on architectural concepts.

  • IBM Certified Solution Advisor – Cloud Computing Architecture
  • IBM Certified Solution Architect – Cloud Computing Infrastructure

 

Oracle

OracleIn the Oracle portfolio you can find several new certification for Cloud specialists. The most important are OCP Database Cloud Administrator and OCM Database Cloud Administrator.

 

  • Oracle Certified Master, Database Cloud Administrator
  • Oracle Certified Professional, Database Cloud Administrator
  • Oracle Cloud Application Foundation Certified Implementation Specialist
  • Exalogic Elastic Cloud X2-2 Certified Implementation Specialist
  • Oracle Exalogic Elastic Cloud 2014 Certified Implementation Specialist

 

Red Hat

Red Hat CertificationRed Hat is one of the biggest company involved in Linux and Cloud Solutions (Open Stack). Their certification program is mindblowing. Highly recommended.

 

  • Red Hat Certificate of Expertise in Hybrid Cloud Storage
  • Red Hat Certified System Administrator in Red Hat OpenStack
  • Red Hat Certificate of Expertise in Platform-as-a-Service

 

 

EXIN

EXINEXIN has two cloud certifications in the portfolio. First cloud certification is suited for a management level, but also engineers find this valuable. The EXIN certification was built by specialists from 4 companies. It’s a very good start for people who are not familiar with Cloud technologies. You can receive second certification after passing three exams.

 

  • EXIN Cloud Computing Foundation
  • EXIN Cloud Technologies Advanced

 

 

EMC

EMCEMC has in the portfolio three cloud certifications. One for people who start with cloud topics with EMC solutions and two for Architects (the highest level).

  • EMC Cloud Infrastructure and Services (EMCCIS)
  • EMC Cloud Architect Virtualized Infrastructure
  • EMC Cloud Architect IT-as-a-Ser