In this video, learn how to configure a virtual network gateway that can be used to create a connection to an on-premises site or to another Azure virtual network
- [Instructor] I'm going to show you how to create a virtual network gateway, and I would think that this would be a review for most of you, but it is a requirement for the upgrade exam. If you need a refresher on Azure virtual networking, please review the full course, Microsoft Azure Virtual Network Implementation, within the library. For this demonstration, I've already gone ahead and created two virtual networks, as well as one virtual network public IP. For this lesson we can ignore Vnet2.
Before we go ahead and create the virtual network gateway, I do wanna show you one thing in the public IP. Now it's very easy to create a public IP, and it's required for your virtual network gateway. The one thing I want to point out here is for your virtual network gateway, a dynamic IP address will be required, not a static. Be sure that it is dynamic when you create the public IP. Let's go ahead and create the virtual network gateway. Go ahead, click add.
You can go ahead and search for gateway. I'm gonna select the virtual network gateway, and we have our blurb, I'm gonna go ahead and click create, and next I need to provide a name for our gateway. I'm keeping it very simple. We have two gateway types to select from, we have VPN and ExpressRoute. If I select on ExpressRoute, you'll notice that we have a drop down for SKUs. If you haven't reviewed the SKUs for ExpressRoute recently, I would highly recommend you do so before attempting the exam, as the naming has changed somewhat.
We're gonna work with a VPN gateway, and we can go ahead and choose VPN type. We can use route based or policy based. For most of your connections, it will be route based. You'll notice if I do select policy based, I can only select from the basic SKU. We'll go back to route based, and you'll notice here if you haven't looked at the SKUs lately, this may look a little different, again you'll want to review the SKUs. At a very high level, the basic SKU supports up to 10 site-to-site or Vnet-to-Vnet connections, whereas the VpnGw SKUs all support up to 20 site-to-site or Vnet-to-Vnet connections.
All of the SKUs, whether it's basic or the VPN support up to 128 point-to-site connections. I'm gonna go ahead and select SKU VpnGw1. You can also enable active active mode. An active active gateway provides connectivity to multiple VPN gateways from a single on prem connection. If you're like me and wrote the exam when it was first launched, you will need to review the new gateway options, including high availability. Next we're gonna select the virtual network that we want to associate this gateway to, and you'll notice that I have several here to choose from.
We are going to be working with Vnet1 in the Vnet-to-Vnet resource group, and we already saw that I created a public IP address so I'm gonna go ahead and use it here. I could go ahead and create one on the fly. In the drop down, you'll see a list of the IP addresses that I can associate with this virtual network gateway. I only have the one, and that's the one we'll use. One thing I want to note here is your public IP address must be in the same subscription and location as your gateway.
You can also enable warded gateway protocol, but note that it is only available in specific SKUs. Your subscription and location should already be configured, and that's it, go ahead and click create. If you're following along in realtime, now's a great time to go and grab a coffee or lunch, as this will take at least 45 minutes to provision.
- Managing Azure subscriptions and resources
- Implementing and managing storage
- Configuring and managing virtual networks
- Managing identities
- Evaluating and performing server migration to Azure
- Implementing and managing application services
- Implementing advanced virtual networking
- Securing identities