DEV Community

bi3wa3

VPC to VNET connection between AWS and Azure - Site-to-Site VPN

vnet to vpc connection

Overview

In this blog we will go through how to configure a site-to-site VPN connection between AWS and Azure so the two clouds can communicate privately. The figure above is the architecture we will be implementing.

Implementation

First we will configure the Azure part, then move on to AWS.

Create An Azure Virtual Network (VNET)

In Azure, first create a resource group, then create a VNet with CIDR range 172.10.0.0/16 and one subnet with CIDR range 172.10.1.0/24.

Vnet in Azure

Create Gateway Subnet

Create a gateway subnet with CIDR range 172.10.5.0/27. A gateway subnet in the VNet is required before an Azure VPN gateway can be deployed.

Gateway subnet

Create Azure Virtual Network Gateway

Now we can create the virtual network gateway. This may take some time to provision.

Network Gateway

The Azure configuration is done for now; next comes the AWS part.

Create An AWS Virtual Private Cloud (VPC)

Now switch to the AWS side and create a VPC with CIDR range 192.16.0.0/16.

AWS VPC

Create a subnet with CIDR range 192.16.1.0/24 and associate it with a route table from the route table page.

Subnet creation

Create Customer Gateway

Go to the Customer Gateways section of the console and create one; in the IP address field, enter the public IP of the Azure Virtual Network Gateway.

Customer Gateway

Create AWS Virtual Private Gateway


Create a Site-to-Site VPN

Create a VPN connection by clicking VPN Connections in the panel. Select Static as the routing option and add the Azure VNet CIDR range as the static prefix.

Site to site vpn

After the VPN is created successfully, download its configuration, selecting Generic as the vendor. This configuration file is what we will use to set up the Local Network Gateway in Azure.

VPN creation

We now return to the Azure part of the configuration.

Create Azure Local Network Gateway

Now create two local network gateways, one for each AWS tunnel endpoint, for high availability.

Local Network Gateway

From the downloaded configuration, take the public IP address of the AWS VPN tunnel endpoint and enter it as the local network gateway's IP address.

Create a Connection

Add a new connection, selecting the local network gateway, the shared key, and the remaining settings as required.

Connection creation

Configure routes

Create a route table in Azure.


Add a new route for the CIDR range of the AWS VPC with the virtual network gateway as the next hop.


Create a route table in AWS

Follow the same procedure as above and add a route for the Azure VNet CIDR pointing to the virtual private gateway.
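Across the walkthrough the same handful of CIDR ranges is entered in several places: the VNet and VPC themselves, the AWS static route (Azure VNet prefix), the Azure local network gateway address space (AWS VPC prefix), and the two route tables. Static-routed site-to-site VPNs only work when the two sides do not overlap, and a typo in any one of those fields produces a tunnel that comes up but carries no traffic. The following is an added example, not part of the post, that validates the address plan from the post and derives every prefix each object must carry. It also flags ranges outside RFC 1918: the post's 172.10.0.0/16 and 192.16.0.0/16 are publicly routable space, so the check reports them.

```python
"""Validate a two-cloud address plan and derive the static routes for each side.
Added example, not part of the original post.  The CIDRs are the ones used in
the post; the dictionary keys are assumed names."""
import ipaddress

PLAN = {
    "azure_vnet": "172.10.0.0/16",
    "azure_subnet": "172.10.1.0/24",
    "azure_gateway_subnet": "172.10.5.0/27",
    "aws_vpc": "192.16.0.0/16",
    "aws_subnet": "192.16.1.0/24",
}

RFC1918 = [ipaddress.ip_network(c) for c in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_rfc1918(net: ipaddress.IPv4Network) -> bool:
    return any(net.subnet_of(r) for r in RFC1918)

def validate_plan(plan: dict) -> list[str]:
    """Return a list of problems; an empty list means the plan is usable."""
    nets = {k: ipaddress.ip_network(v, strict=True) for k, v in plan.items()}
    problems = []
    vnet, vpc = nets["azure_vnet"], nets["aws_vpc"]
    # 1. The two sides must not overlap, or static routes cannot be unambiguous.
    if vnet.overlaps(vpc):
        problems.append(f"overlap: Azure VNet {vnet} and AWS VPC {vpc}")
    # 2. Each subnet must sit inside its parent network.
    for name, parent in (("azure_subnet", vnet), ("azure_gateway_subnet", vnet),
                         ("aws_subnet", vpc)):
        if not nets[name].subnet_of(parent):
            problems.append(f"{name} {nets[name]} is not inside {parent}")
    # 3. The gateway subnet must not collide with the workload subnet.
    if nets["azure_subnet"].overlaps(nets["azure_gateway_subnet"]):
        problems.append("azure_subnet overlaps azure_gateway_subnet")
    # 4. Azure recommends a gateway subnet of /27 or larger.
    if nets["azure_gateway_subnet"].prefixlen > 27:
        problems.append("azure_gateway_subnet is smaller than /27")
    # 5. Private address space only; anything else shadows real internet hosts.
    for name, net in nets.items():
        if not is_rfc1918(net):
            problems.append(f"{name} {net} is not RFC 1918 private space")
    return problems

def static_routes(plan: dict) -> dict:
    """Every prefix that has to be typed into each object on both sides."""
    return {
        # AWS VPN connection: static route toward Azure.
        "aws_vpn_static_prefix": plan["azure_vnet"],
        # Azure local network gateways: address space reachable through AWS.
        "azure_lng_address_space": plan["aws_vpc"],
        # Route tables: destination -> next hop type.
        "azure_route_table": [(plan["aws_vpc"], "VirtualNetworkGateway")],
        "aws_route_table": [(plan["azure_vnet"], "VirtualPrivateGateway")],
    }

if __name__ == "__main__":
    for p in validate_plan(PLAN):
        print("WARNING:", p)
    for k, v in static_routes(PLAN).items():
        print(f"{k}: {v}")
```

The function returns problems instead of raising so that the caller can decide which findings are blocking: an overlap or a subnet outside its parent always is, while the RFC 1918 warning is something to fix before the design leaves a lab.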


Conclusion

After following the above procedures, your site-to-site VPN is set up. To check for network communication between the VPC and the VNet, deploy instances without public IPs in both subnets and test connectivity using RDP, telnet, and so on.
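The telnet-style check above is more useful when it distinguishes between a port that is reachable but closed and a destination that is unreachable: a connection refused means the packet crossed the VPN and a host replied (so only a listener or host firewall is missing), while a timeout points at the tunnel, the route tables, or a security group or NSG rule. The following is an added example, not from the post, that makes that distinction from an instance in one subnet. The target addresses in the main block are placeholders inside the post's ranges, and `__main__` is the only place they are probed.

```python
"""TCP reachability probe that separates "refused" (path works, nothing
listening) from "timeout"/"unreachable" (no path).  Added example; the target
hosts under __main__ are placeholders inside the post's subnets."""
import socket

def probe(host: str, port: int, timeout: float = 3.0) -> str:
    """Return one of 'open', 'refused', 'timeout', 'unreachable'."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))
        return "open"
    except socket.timeout:          # no SYN-ACK and no RST: usually no route/filtered
        return "timeout"
    except ConnectionRefusedError:  # RST came back: the peer is reachable over the VPN
        return "refused"
    except OSError:                 # e.g. "no route to host" from the local stack
        return "unreachable"
    finally:
        s.close()

def connectivity_report(targets, timeout: float = 3.0) -> dict:
    """Probe every (host, port) pair and return {(host, port): status}."""
    return {(h, p): probe(h, p, timeout) for h, p in targets}

def path_ok(status: str) -> bool:
    """'open' and 'refused' both prove the VPN path works end to end."""
    return status in ("open", "refused")

if __name__ == "__main__":
    # Placeholder private addresses from the post's ranges; 3389 = RDP, 22 = SSH.
    targets = [("192.16.1.10", 3389), ("192.16.1.10", 22)]   # probe from the Azure VM
    for (h, p), status in connectivity_report(targets).items():
        verdict = "path OK" if path_ok(status) else "check VPN/routes/SG/NSG"
        print(f"{h}:{p} -> {status} ({verdict})")
```

Run it from the private instance on one side against the private IP of the instance on the other; if every probe times out in both directions, the tunnel or the routes are at fault, whereas a "refused" in one direction with a timeout in the other usually means an asymmetric security group or NSG rule.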
