Microsoft Azure Virtual WAN Part 1 - Create Virtual Network and subnets
Part 2 Create a Virtual WAN (VWAN) on Azure Portal
Microsoft Azure Virtual WAN Part 3 - Create and convert to secured virtual hub inside VWAN
Microsoft Azure Virtual WAN Part 3.1 - Create secured virtual hub inside Azure Firewall Manager
Microsoft Azure Virtual WAN Part 4 - Add Virtual Network connection | Hub vNet Peering
Microsoft Azure Virtual WAN Part 5 - Create Azure Virtual Machine (VM)
Microsoft Azure Virtual WAN Part 6 - Creating and configuring Azure Firewall Policies
Microsoft Azure Virtual WAN Part 7 - Configure security configuration | Route traffic to your secured hub | Test connectivity
So far I have created Virtual Network (vNet), Subnets, Virtual WAN (vWan), Secured Azure Firewall backed Virtual Hubs earlier. Here in this article I am going to Add a Virtual Network Connection between vNet and Hub in the respective region location. You can also call it a peering between hub and vNet. Just as a note, One vNet can be only added to one Virtual hub at a time. Here in the diagram red line depicts, the connections I am going to establish.
To configure Virtual Network Connections go to Virtual WAN choose Virtual network connections under Connectivity. you will see multiple Hubs listed with different regions. and no Virtual Network added or connected with count 0. Click + Add connection button.
Here on the right side of Add connection, Provide a connection name, Select hubs (If a hub is disabled, the hub is undergoing some operation. Please wait for it to finish and retry). Choose Subscription, Resource Group (that contains vNet). Select the Virtual Network from list which you need to connect (peer) with the Hub, The virtual network you select can't have an already existing virtual network gateway configured.
In the Routing configuration, Select Route Tables for this connection. Below are two recommended settings for Routing Configuration (Be sure to check Azure firewall Manager security configuration settings).
None: For private traffic (VNETs/Branches) configured to go via Azure Firewall
Default: For private traffic (VNETs/Branches) configured to go direct and bypass Azure Firewall
Here I am keeping Propagate to none selected no (No option is default. Changing the toggle button to Yes makes the configuration options for Propagate to Route Tables and Propagate to labels unavailable for configuration). Labels are logical grouping of route tables. Associate Route Table: You can select the route table that you want to associate. In the Static routes you can use this setting to specify next hop (Customize routes to specify next hop as an IP address, for example a NVA IP address).
Click Create button.
Once connection is added successfully you will see the network connection added after expanding Virtual networks with the number of connections. It takes few minutes to to change status to succeeded as it can be seen its in Updating status.
Here I have followed same procedure given above and created other virtual network connections as shown below.
Once connections are created, they will look like below with Succeeded status.
Useful Articles
Powershell Azure Az module Install-Package cannot convert value 2.0.0-preview to type system.version
Part 1: Create and deploy a website with Microsoft Azure web app service plan
AzCopy copy transfer fails with 403 This request is not authorized to perform this operation using this permission
Azure azcopy login error Selected user account does not exist in tenant 'Microsoft Services' and cannot access the application '579a7132-0e58-4d80-b1e1-7a1e2d337859'