Configure a Site to Site VPN in Microsoft Azure

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hey guys welcome to the video and here I'm going to show you how to create a site-to-site VPN into Azure here are the steps you may want to pause quickly just to get a hold of those be going through it step-by-step so you can always pop pause the video and play when you're ready to a very quick architectural diagram showing what it is we're going to configure some go alright on premise home lab over here with our route sir an IP address and our public VPN or that will have a public IP address on our VPN gateway we've got a virtual machine with the first IP in the sub now which is 1004 and we've got our 10000 / 16 Network yes I know it's quite big it's oversized and one thing I did forget to put in the year was the gateway subnet which will configure as the last subnet so without further ado let's get on so the first thing we need to do is create a resource group so I've already got the panels configured here but if you haven't you can go to career resource resource group create and I call this canto so it's my network names fictitious name you've probably had before if you're watching this look so that's my subscription resource group location that's fine we'll probably just caught a - orgy on that and label things properly click go okay that's created so now the next step is to create a virtual network so again career resource there's one Network will create and we'll call this and soso v-net will leave the address space as it is visual studio enterprise that's fine so we use the resource creep we've just created locations fine subnet so we'll call it what VM subnet so what put our virtual machines in there can probably leave that it is actually not be much more than enough for what we need it for so I'll click create let that do its job okay cool so our virtual networks done so we're going to go to that resource we're going to go to subnets and we're going to create the Gateway subnet for the VPN so I'm going to click on that we'll probably use we use the last subnet in our virtual network think that's it yeah looks like it in production you would probably use a much smaller sub now so just last twenty eight and that will give you more room if you decide to deploy Express route or other VPN connections so we'll go with that let that deploy ok great so that finished so now we need to create a local network gateway so we're going to return to our offer resource group and we're going to go part hang on a second nope create resource local network gateway click create so this is our measure to pay map and the IP address I'll just get that where is it so this is the IP address of your home router so bang that in there and our local address space is 92168 Kansai quickly zero zero do you need to put the slash in there yeah there you go so that should do subscriptions fine we'll use our contoso resource group and we've been a click create once that's done we'll move on to the next part okay now that's done we need to create a public IP address for our virtual network gateway so that's the device that sits inside Asia so going to click create resource so we're going to click public IP address give it a name fact maybe just want a pip cool we don't need a DNS label I don't think no so we're going to use the existing resource group and click create okay now that's done we need to create a virtual network gateway so we're going to connect our IP public IP address to this so click create give it a name it's our V net is contoso vina and our public IP address which we've literally just created and resource groups fine locations fine and we'll click create so that last process takes quite a bit of time so about the video pause for about half an hour so we've got the Gateway set up the private IP address we've got the network set up and so now we move on to create a connection object so under connections or you could create a resource and search that way I'm gonna click add a connection so it's not a v-net to Vina to site-to-site IPSec VPN a subscription leave it as it is and we'll use an existing resource the contoso resource group we created earlier click ok so we're going to choose the v-neck gateway we created that's the internal gateway and next we're going to choose the azure it's a home lab gateway so that gateway represents our home and connection or home private IP address so this is the part where we're going to use a shared key so I'm going to type 8 the c-123 nice and secure obviously you wouldn't do that in production click ok ok again and that's it we're going to wait for that connection to deploy and we'll move onto the next step so now that that's done the next part is we need to configure a remote access server in our lab so we're going to go over to save the manager so we're going to add roles and features and just give this a second okay next so that's our server and we're going to find the remote access role so click Next Next Next so we want direct access VPN and routing next install we'll give that a moment so I've rebooted the server now we're going to run the remote access setup wizard so we're going to deploy VPN just wait for this to load ok so we're going to configure which one secure connection between two private networks click Next we'll use demand dial how do you want to IP it ok we use automatic click finish so next we're going to configure so I'll call it lab to measure just call it laughter ah sure I guess okay we'll leave that as a VPN we're going to use ike v2 and so this is the azure IP address just fine now so we've got our asha public IP address go next if it'll go come on okay so we can just click Next so we're going to add a destination root so it's 10000 suitable five zero five zero zero and I'll just put three four okay next don't need password and username click finish okay so that connections been made just a final few more configuration bits to setup so we'll go to the connection its properties and then options you can set the redial attempts here so we'll put that two three and under security we're not going to use a certificate we're going to use a pre-shared key in production you probably do things a lot more secure but not here and I think that ought to cover it so click OK and then we'll start the connection great so it stays connected so let's fire up Azure again so if we go under our connections there's our Action Network and you as you can see we're connected so I'm going to create a virtual machine and what come back once I've done it and we'll be able to do some tests from pinging okay moment of truth we're going to test so I've got my virtual machine my on premise virtual machine so it's going to run command prompt just show you so that's my on-premise IP for this service my RI said and we're gonna ping our as your virtual machine which is 1000 for so I've got connection open to it and just to show you avoided the disabled the firewall which you're publishing doing production but see it's a lab so it makes no difference so 1000 for an hour as your machine so yeah it's working great now I can ping back the other way [Applause] boom so we're pinging out on premise now rush server from our address virtual machine VPN connection setup complete thanks for watching guys so you can subscribe maybe like the video leave a comment that'd be great thanks

Info

Channel: Kirk Whetton

Views: 30,915

Rating: undefined out of 5

Keywords:

Id: G_k5D-o7CrI

Channel Id: undefined

Length: 14min 42sec (882 seconds)

Published: Sat May 05 2018