Site-to-Site VPN Connection Between Azure and AWS Demo

Architecture Diagram: (image not reproduced)

Step 1: Configuring Azure

  1. Create a resource group on Azure to deploy the resources into
      - Resource Group Name: rg-azure-aws
      - Region: East-US
  2. Create Virtual Network
      - Resource Group Name: rg-azure-aws
      - Region: East-US
      - VNet Name: vnet-azure
      - VNet IPv4 Address Space: 172.10.0.0/16
      - Subnet Name: subnet-01
      - Subnet IPv4 Address Space: 172.10.1.0/24
  3. Create the VPN Gateway
      - VPN Gateway Name: vpn-azure-aws
      - Region: East-US
      - Gateway Type: VPN
      - SKU: VpnGw1
      - Generation: Generation 1
      - Virtual Network: vnet-azure
      - Public IP Address: pip-vpn-azure-aws
      - Public IP Address Type: Basic
      - Assignment: Dynamic
      - Enable active-active mode: Disabled
      - Configure BGP: Disabled

Configuring AWS

  4. Create the Virtual Private Cloud (VPC) in AWS
      - Name: my-vpc-01
      - IPv4 CIDR: 10.10.0.0/16
  5. Create a subnet inside the VPC (Virtual Network)
      - Name: my-subnet-01
      - VPC Name: my-vpc-01
      - VPC IPv4 CIDR: 10.10.0.0/16
      - IPv4 CIDR: 10.10.1.0/24
  6. Create a customer gateway pointing to the Public IP Address of the Azure VPN Gateway
      - IP address: Public IP Address of Azure VPN Gateway
      - Keep everything else as default
  7. Create the Virtual Private Gateway, then attach it to the VPC
      - Name: vpg-aws-azure
  8. Create a site-to-site VPN Connection
      - Name: vpn-aws-azure
      - Target gateway type: Virtual private gateway (select the Virtual private gateway created in step 7)
      - Customer gateway: Existing (select the Customer gateway created in step 6)
      - Routing options: Static
      - Static IP prefixes: 172.10.1.0/24
      - Leave the rest as default
  9. Download the configuration file
      - Vendor: Generic
      - Platform: Generic
      - Software: Vendor Agnostic

      This configuration file contains the Shared Key and the Public IP Address for each of the two IPsec tunnels created by AWS.

Connecting Azure and AWS

  10. Create the Local Network Gateway in Azure
      - Name: lng-azure-aws
      - Resource Group Name: rg-azure-aws
      - Region: East-US
      - IP address: Get the Outside IP address from the configuration file downloaded in step 9.
      - Address Space(s): 10.10.0.0/16
  11. Create the connection on the Virtual Network Gateway in Azure
      - Name: connection-azure-aws
      - Connection Type: Site-to-Site
      - Local Network Gateway: Select the Local Network Gateway created in step 10.
      - Shared Key: Get the Shared Key from the configuration file downloaded in step 9.

      Wait until the Connection Status changes to Connected.
      In the same way, check in the AWS Console whether the first tunnel of the Virtual Private Gateway is UP.
  12. Create an Internet Gateway and attach it to the VPC in AWS
      - Name: my-internet-gateway
  13. Edit the route table associated with the VPC

      Add the route to the Azure subnet through the Virtual Private Gateway:
      - Destination: 172.10.1.0/24
      - Target: the Virtual Private Gateway created in step 7.

      Also add:
      - Destination: 0.0.0.0/0
      - Target: the Internet Gateway created in step 12.
  14. Create VMs in both Azure and AWS and test the connection.
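
A tunnel that shows Connected can still drop traffic if the prefixes entered on the two sides disagree. The following check of this walkthrough's address plan is an added example, not part of the original guide; the dictionary keys and the `check_plan` function are names invented for it, and the CIDR values are the ones from the steps above.

```python
import ipaddress

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Address plan copied from the steps above; the dictionary keys are made up
# for this example.
PAGE_PLAN = {
    "azure_vnet": "172.10.0.0/16",         # step 2
    "azure_subnet": "172.10.1.0/24",       # step 2
    "aws_vpc": "10.10.0.0/16",             # step 4
    "aws_subnet": "10.10.1.0/24",          # step 5
    "aws_static_prefix": "172.10.1.0/24",  # step 8, AWS VPN static route
    "azure_lng_space": "10.10.0.0/16",     # step 10, local network gateway
    "aws_route_dest": "172.10.1.0/24",     # step 13, VPC route table
}

def check_plan(plan):
    """Return a list of findings; an empty list means the plan is consistent."""
    net = {k: ipaddress.ip_network(v) for k, v in plan.items()}
    findings = []
    # Overlapping ranges on the two sides make tunnel routing ambiguous.
    if net["azure_vnet"].overlaps(net["aws_vpc"]):
        findings.append("azure_vnet overlaps aws_vpc")
    # (inner, outer): inner must be contained in outer.
    containment = [
        ("azure_subnet", "azure_vnet"), ("aws_subnet", "aws_vpc"),
        # A prefix routed into the tunnel must belong to the remote side...
        ("aws_static_prefix", "azure_vnet"), ("aws_route_dest", "azure_vnet"),
        ("azure_lng_space", "aws_vpc"),
        # ...and must cover the remote subnet that hosts the test VM.
        ("azure_subnet", "aws_static_prefix"), ("azure_subnet", "aws_route_dest"),
        ("aws_subnet", "azure_lng_space"),
    ]
    for inner, outer in containment:
        if not net[inner].subnet_of(net[outer]):
            findings.append(f"{inner} {net[inner]} not inside {outer} {net[outer]}")
    # Ranges outside RFC 1918 are publicly routable: the real Internet hosts
    # at those addresses become unreachable from inside these networks.
    for name in ("azure_vnet", "aws_vpc"):
        if not any(net[name].subnet_of(p) for p in RFC1918):
            findings.append(f"{name} {net[name]} is not RFC 1918 private space")
    return findings

if __name__ == "__main__":
    for finding in check_plan(PAGE_PLAN):
        print("FINDING:", finding)
```

Run against the values in this guide, the routes and prefixes agree with each other, and the only finding is that 172.10.0.0/16 lies outside the private 172.16.0.0/12 block.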