Now we have made the Microsoft NVGRE Gateway in System Center VirtualMachine Manager for our Private Clouds :
Making a NVGRE Gateway with System Center 2012 R2 Virtual Machine Manager
It’s Time to make Hybrid Cloud with a Virtual Site-2-Site VPN Gateway with Microsoft Azure.
Here is our configuration on-premisses :
More information on the Config is here
To make a Microsoft Virtual Site-2-Site VPN Gateway with Microsoft Azure follow the next step-by-step guide :
Go to the Management portal of Microsoft Azure : https://manage.windowsazure.com and login with your ID.
When you don’t have a Microsoft Azure subscription you can get a Free Trail here
Go to Network and Create a Virtual Network
Here you create the following items :
- The name of your Virtual Network in Microsoft Azure ( We called it YellowAzure Because we have also a Private Cloud called YellowTenant )
- Select the region
- And we Created a new Affinity Group Name called YellowAffinityGroup
Here we set two items for the Site-2-Site VPN Gateway :
- Our DNS Server on-premisses YellowDC01 with IP-address 192.168.101.4
- And we mark checkbox Configure a Site to Site VPN
More information on Virtual Network Overview in Microsoft Azure is here
Here you set the following items :
- The Name of the On-Premisses VPN Site, we called YellowTenant.
- The outside IP-Address of your VPN Device, that’s our Microsoft RAS Server. ( Remote Access Server)
- And you add the local address Space, in our case 192.168.101.0/24
Here we select the Address Space for the Microsoft Windows Azure VM’s with the subnets and Gateway range.
Up to 5 Virtual Networks are allowed per subscription and up to 5 Local Networks are allowed per subscription. Each Virtual Network can connect to only one Local Network (one gateway) but there can be multiple subnets on that Local Network for routing purposes.
All the information is there to create the Microsoft Azure VPN Gateway.
Creating the Gateway takes a few minutes.
The Gateway is ready now on Microsoft Azure, go to the right site of the screen and download the VPN Device Script :
With the right VPN Device Script you connect your on-premisses VPN Device with the Microsoft Azure Gateway you just created.
Here you can choose your VPN Device, we have a Microsoft Server 2012 R2 with RAS role active so we choose this one.
More information about Supported VPN Devices for Virtual Network you can find here
Save the file on the RAS Server.
Open Windows Powershell ISE on the RAS Server.
Open VPNDeviceScript.cfg
Select all and run script.
Done your finished.
Status Windows Azure ready to connect.
The Virtual S2S VPN Gateway is active and running, we have HYBRID CLOUD.
To see this work we made a Cloud Service in Microsoft Azure by the next steps :
The Cloud Service YellowAzure is made and now we are going to provision a Virtual Machine in this Cloud with our own IP-Address :
Here you can select lot of templates, but we choose for Windows Server 2012 R2
UserName is here blank but use your local admin name and choose the Size of the VM.
Here we select our Virtual Network SubnetYellow
Here you can make your endpoints with the VM
Here we are pinging from our Private Tenant with the YellowRAS01 virtual Server to the new Windows Azure VM
YellowAzureVM01 resource of Azure Virtual Networks.
We joined the YellowAzureVM01 Virtual Machine to the on-premisses domain and is working with servers in the private Cloud called Yellow Tenant.
Hybrid Cloud is working great with Microsoft CloudOS :-)
