Microsoft Azure's definition: A virtual network gateway is the software VPN device for your Azure virtual network. Use this with a connection to set up a site-to-site VPN connection between an Azure virtual network and your local network, or a VNet-to-VNet VPN connection between two Azure virtual networks. It can also be used to connect a virtual network to an ExpressRoute circuit.
In my own simple English, the virtual network gateway is the router that sits in Microsoft Azure and does the routing and NAT work to connect the on-premises network to Azure VMs and vice versa. It functions the same way as my RRAS server; as shown in earlier chapters, I have an RRAS server on premises. The Microsoft Azure local network gateway is nothing but a logical representation of the in-house local network. The virtual network gateway is assigned one public IP address to form the VPN connection. I will show only the site-to-site VPN connection type in this series.
PART 1 : MICROSOFT AZURE CREATION AND CONFIGURATION OF VPN TUNNEL SERIES
PART 2 : MICROSOFT AZURE CREATING RESOURCE GROUP
PART 3 : MICROSOFT AZURE CREATING AND ADMINISTERING VIRTUAL NETWORK (VNET)
PART 3.1 : MICROSOFT AZURE POWERSHELL CREATING AND ADMINISTERING VIRTUAL NETWORK (VNET)
PART 4 : MICROSOFT AZURE CREATING AND ADMINISTRATING LOCAL NETWORK GATEWAY VPN
PART 4.1 : MICROSOFT AZURE POWERSHELL CREATING AND ADMINISTRATING LOCAL NETWORK GATEWAY
PART 5: VIRTUAL NETWORK GATEWAY DEPLOYMENT ON MICROSOFT AZURE
PART 5.1: VIRTUAL NETWORK GATEWAY DEPLOYMENT USING MICROSOFT AZURE POWERSHELL
PART 6: INSTALLING ROUTING AND REMOTE ACCESS SERVER ROLE (MICROSOFT RRAS)
PART 6.1: CONFIGURING ROUTING AND REMOTE ACCESS SERVER DEMAND-DIAL (MICROSOFT RRAS AZURE VPN)
PART 6.2: CONFIGURING ROUTING AND REMOTE ACCESS SERVER ROUTER (MICROSOFT RRAS AZURE VPN)
PART 7: MICROSOFT AZURE CREATE CONNECTION IN VIRTUAL NETWORK GATEWAY
PART 7.1: MICROSOFT AZURE POWERSHELL VPN CONNECTION IN VIRTUAL NETWORK GATEWAY
PART 8: MICROSOFT AZURE ARM AND POWERSHELL CREATING AND MANAGING STORAGE ACCOUNT
PART 9: CREATING AND MANAGING VIRTUAL MACHINE (VM) USING MICROSOFT AZURE RESOURCE MANAGER PORTAL
Now I will start by creating a new Azure gateway. Open the resource group (Poc-VPN, already created in an earlier part), search for and add a new Virtual Network Gateway, and click Create.
Provide a name for the new gateway and associate it with the vNet (virtual network) created earlier in PART 3. Provide the gateway subnet address range (I have taken 10.100.2.224/27, which has only 32 IPs; you can take a smaller IP range, but it should be at least a /29 subnet). This creates a new subnet in the virtual network, always named GatewaySubnet (we didn't create one in Part 3). These IPs are used to set up routing, and VMs should not be assigned addresses in this range.
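The rules above for the gateway subnet (at least a /29, inside the virtual network, no VMs in the range) can be checked before deployment. This is an added example, not code from the original series; only 10.100.2.224/27 comes from the article, while the VNet address space, the VM subnet and the VM addresses are constructed assumptions.

```python
import ipaddress

MIN_PREFIX = 29  # the article's rule: the gateway subnet should be at least a /29


def check_gateway_subnet(vnet_space, gateway_cidr, vm_subnets=(), vm_ips=()):
    """Return a list of findings for a planned GatewaySubnet; [] means it passes."""
    vnet = ipaddress.ip_network(vnet_space)
    try:
        # Strict parsing rejects ranges with host bits set, e.g. 10.100.2.225/27.
        gw = ipaddress.ip_network(gateway_cidr)
    except ValueError as exc:
        return [f"invalid range: {exc}"]

    findings = []
    if gw.prefixlen > MIN_PREFIX:
        findings.append(f"too small: /{gw.prefixlen} is smaller than /{MIN_PREFIX}")
    if not gw.subnet_of(vnet):
        findings.append(f"outside vnet: {gw} is not inside {vnet}")
    # The gateway range must not collide with subnets that hold VMs.
    for subnet in map(ipaddress.ip_network, vm_subnets):
        if gw.overlaps(subnet):
            findings.append(f"overlap: {gw} overlaps VM subnet {subnet}")
    # No individual VM address may fall inside the gateway range.
    for ip in map(ipaddress.ip_address, vm_ips):
        if ip in gw:
            findings.append(f"vm in range: {ip} sits inside {gw}")
    return findings


if __name__ == "__main__":
    # Constructed plan: only 10.100.2.224/27 comes from the article.
    VNET = "10.100.0.0/16"                   # assumed VNet address space
    VM_SUBNETS = ["10.100.1.0/24"]           # assumed workload subnet
    VM_IPS = ["10.100.1.4", "10.100.2.230"]  # second address is a planted mistake
    gw = ipaddress.ip_network("10.100.2.224/27")
    print(gw, "holds", gw.num_addresses, "addresses")
    for finding in check_gateway_subnet(VNET, str(gw), VM_SUBNETS, VM_IPS):
        print("FINDING:", finding)
```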
Next, the gateway requires one public IP address to communicate with the on-premises VPN gateway, so I will create a new one. Name these resources appropriately so that you can recognize them later when they need configuration. There are two gateway types. VPN is the one we are configuring now: site-to-site over the Internet. Microsoft Azure ExpressRoute lets you extend your on-premises networks into the Microsoft cloud over a dedicated private connection facilitated by a connectivity provider. ExpressRoute is generally faster than the normal VPN gateway type because of the dedicated connection line; in computer networking terms it is called MPLS. It is fast, but there is also a cost associated with it, so keep that in mind while designing an Azure solution.
Another setting is the VPN type: Route-based or Policy-based. Microsoft RRAS supports only the Route-based VPN type. For the detailed compatibility list by VPN type, I strongly recommend checking Microsoft's official web page. Route-based, also called dynamic routing, is a high-performance VPN type; my assumption is that it is supported by the newer generation of VPN devices.
As the next step, monitor the task until it completes and check the deployed items in the resource group. After refreshing the page I have two new objects: the gateway and its associated public IP address. The next topic covers the same deployment using Azure PowerShell, so I am deleting both the gateway and its IP so that I can recreate them.