TABLE OF CONTENT1.Introduction2.What to expect from this article?3.Configuring Azure 4.Configuring AWS5.Adding the AWS information on Azure Configuration6.Configuring Routes 7.Summary 8.About CloudThat
Introduction
Modern technology cannot function in silo mode. Interoperability is vital, whether it’s communication between High Commissions from powerful countries or compatibility among popular technology products. Every day, we all face the need to seamlessly establish communication between different techno-products from different brands. It’s not hard for us to want Windows apps to work on Linux Operating System, and vice versa. We also want Android features on iOS, and vice versa. This prelude has helped me to show you how to set up Site-to–Site VPN connections between AWS and Azure cloud providers. It is a simple step by step process.
Join me on this AWS-Azure VPN communication adventure…
What can you expect from this article?
Multi-cloud architecture is becoming more common within the IT industry. You will need to establish a fast-direct resilient VPN connection among your public cloud providers such as Azure or AWS.
Transferring data over the internet is not without risks. Legacy applications and workloads don’t support internet protocols well. Let’s play with Virtual Private Networks.
This article will show you how I set up a site to site VPN connection between Azure or AWS to connect the virtual networks.
The goal is to allow the VM (Virtual Machine in AWS VPC) to connect to Azure via a VPN connection that has been configured in AWS VPC.
Diagram of High-Level Architecture:
You can use AWS VPC to access cloud resources in a logically isolated private networking. It provides the same level of isolation that an Azure virtual network. Each subnet controls whether spun VMs (virtual machine) can access specific resources or the Internet.
An IPsec tunnel will connect the AWS Virtual Network Gateway to the Azure virtual network. An IPsec tunnel will be established between the Azure virtual network gateway (AWS VPN) and the AWS VPC (AWS). It will be assisted by Customer Gateway from AWS and Local Gateway Network from Azure. This tunnel will carry all traffic between AWS VPCs and Azure VNet.
These are the steps you must take to create this infrastructure.
Configuring Azure
Create An Azure Virtual Network (VNET)
First create a Resource Group and then create VNET with the CIDR range of 172.10.0.0/16. Create one subnet with the CIDR Range 172.10.1.0/24.
Create Gateway Subnet
Go to the VNET that you just created. Click on Subnet to create a Gateway Subnet using the CIDR range of 172.10.5.0/27. To configure an Azure VPN Gateway, you will need a gateway subnet within the VNet.
Create Azure Virtual Network Gateway
Virtual Network Gateway has been created. You will receive a public IP.
Provisioning will take between 20 and 45 minutes.
Configuring AWS
Create an AWS Virtual Private Network, (VPC).
Now, go to AWS and create a VPC using CIDR range of 192.16.0.0/16
Click on Subnets to create a subnet with the CIDR range of 192.16.1.0/24. Go to route tables to associate the subnet.
Create a Customer Gateway
Click on Customer Gateway in the panel to create Customer Gateway. In the IP address field, enter the Public IP Azure Virtual Network Gateway. Refer to Step 3 for the IP.
Create AWS Virtual Private Gateway
Create Virtual Private Gateway Connect the VPN you just created to the VPC you created in step 4.
Create a site-to-site VPN
Click on VPN connection in the panel to create a VPN connection. Select Routing Option: Static and add Azure VPC/CIDR range.
Provision will take between 5-10 minutes.
After VPN was created. After you have selected the VPN, download the configuration. Wi