Virtual network gateway

• A virtual network (VNet) gateway is composed of two or more VMs that are deployed to a specific subnet you create called the gateway subnet
  • VMs are created when you create the virtual network gateway
  • VMs contain routing tables and run specific gateway services
• You can’t directly configure the VMs that are part of the virtual network gateway

Types

• VPN Gateway
• ExpressRoute Gateway

See:

• VPN Gateway details
• ExpressRoute Gateway details

VNet peering using gateways

• Create 2 VNets
  • VNet_1: in Japan East region
  • VNet_2: in Japan West region
• Create 2 VMs
  • VM_1
  • VM_2
• Attach 2 VMs to VNets
  • VM_1 => VNet_1
  • VM_2 => VNet_2
• Assign static public IP addresses to both VMs
• Turn firewall off in both VMs
• Try to ping one VM from other, it would not work because they are in different VNets
• Now create 2 VNet gateways
  • VNet_G1 (Japan east, set IP and other settings)
  • VNet_G2 (Japan west, set IP and other settings)
• Set connections to both gateways (select gateway > Connections)
  • VNet_G1
    • Connection type: VNet to VNet
    • Second virtual network gateway: VNet_G2
    • Shared key (PSK): xyz123abc
  • VNet_G2
    • Connection type: VNet to VNet
    • Second virtual network gateway: VNet_G1
    • Shared key (PSK): xyz123abc
• Check status > wait until become connected
• Now ping one VM from other, it should work

Links

• https://docs.microsoft.com/en-us/azure/vpn-gateway/
• https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-site-to-site-resource-manager-portal
• https://azure.microsoft.com/ja-jp/blog/vnet-peering-and-vpn-gateways/