3.16 Configure Virtual Network Gateways

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *

Already have an account? Sign In »

18 hours 43 minutes
Video Transcription
Welcome back on this episode, we're gonna take a look at how to configure our virtual network gateways.
Our objectives include preparing our virtual networks by creating a gateway sub net and then going in and creating our virtual network. Eight way.
Let's jump back over to the azure portal.
Here we are back in our azure portal and like a mention before we create our virtual network gateway, we need to prepare a virtual network and a gateway sub net for it. I've already got a virtual network created, so let's go take a look at it.
Let's go check out our subjects
here. I have to sub nets already available and created, but these are for Regular Resource is like virtual machines. What we need to do is go here and click on Gateway Sub Net.
You can see it's already given it a name of Gateway sub Net and chosen the next address range that's available inside a virtual network.
I do want to suggest, though we don't really need 256 addresses for a gateway sub net, you want to save on a little bit address space. You could change this to something like a slash 27
and that will narrow down the number of I P addresses in this sub in it for the gateways. Rest of her options here we could assign a network security group or a route table, but for right now, we're gonna leave it just as is and go ahead and create our gateway sub net.
Now that we have our Gateway sub net, let's go create our virtual network Gateway. It's click on Create a Resource
Search for Virtual Network, Gateway
and click on Create.
First, let's give our virtual network Gateway name
Select our region.
And here's where we have our option of selecting the gateway type. Are we going to be doing this as a VPN for a point to cider site to site or we're gonna be setting up for express route
Right now, I'm just gonna choose VPN
for the VP and type. I'm also gonna just leave it at route based.
Next, we have our skew to select.
One thing I want to point out
is right now we have basic all the way through VP and Gateway three with zone redundant options.
But if I change my region
back to West us and check out our skews. You'll see we're missing the zone. Redundant ones. Some of these skews are only available in certain regions.
Let's switch back to our east US.
We'll keep it at VP and Gateway one
and next We do select the virtual network where this gateway is gonna be placed.
I only have one right now,
and you can see it automatically is going to fill in the gateway sub net we've configured for this virtual network.
Next, we need a public I P address for our gateway. I don't have any existing ones, so we're gonna create a new one.
And the rest of these options we've already talked about inside of our slides and I'm just gonna leave him that disabled right now. Let's go ahead and review and create
hand. Let's finish our creation
now. Virtual network gateways, even by Microsoft's own azure documentation, can take up to 45 minutes to provision. So I'm going to pause the video, wait for this to finish, will come back and take a look at some of our configuration options
resuming the recording here that took just about 30 minutes. But of course your mileage may vary.
Let's go check out our virtual gateway
over here on the right, you can see the public I p address using our new public I P address resource that is assigned to the Gateway
under settings. Let's go take a look at our configuration options
here if we needed to. We can change our VPN skew. So if we need to resize our virtual network eight way we can and then we also have some of the other options that we looked at when we created it and also in the last episode, configuring Active Active mode or the B g p a s n
Next, let's go take a look at connections
and connections are going to be for our site to site VPN connections. For instance, if we were connecting to a non premises VP and device was, go and click on add and take a look at our options here
we would give this connection and name and our connection type, whether we were doing V Net TV Net site to site or express route. Let's go and choose site to site.
We already have our virtual network gateways selected,
and our next option here is the local network Gateway.
Now the local network Gateway is going to refer to your on premises location.
You'll give this network of name that Azure can refer to, and then the i p address of your on premises, VP and device.
Let's go ahead and create a new local gateway.
I don't have a non premises network to connect to to try this out, but I'm just gonna put in an I P address in here.
And then this address space is going to be the address space that is found in the on premises network.
Next, let's take a look at the shared key. This is going to be the key that you configure it on your on premises, VP and device, and we'll put this shared password in here so we can initiate the connection. And these two devices can't trust each other.
And that would complete the settings for a site to site connection. Let's go and cancel out of this.
Let's go take a look at our point to site configuration.
The address pool here is the private I P address range that you want to use for your VPN clients when they connect. They'll dynamically receive an I P address from this range that we specify.
Next, we would choose the tunnel type. We have couple options open VPN s STP or several versions of I ke ee
and then we have our authentication type. We can use an azure certificate or set up ready saw authentication.
And if we were to complete this configuration, you can see here in the upper right a little bit. We have the option to then download the VP incline, which would put on our individual systems to allow them connect to this virtual network.
Let's go down and take a look at one final option under support in trouble shooting, and that is our reset option.
This will be used in a situation where you know your on premises. VP and devices are working. But for some reason you're not able to establish the BP and tunnels with the azure V, P and Gateway.
So you have the option of resetting the VP and gateway here, but it is going to cause a gap in your connectivity for just a little bit while it resets. That does it for our demo of creating a virtual network Gateway and looking at some of our configuration options. Let's go back to the slides and wrap this up.
Coming up next, we're gonna take a look at something were already familiar with. But we're gonna go into a little bit more detail by discussing private and public I P addresses. See you in the next episode.
Up Next