The course is part of these learning paths
See 3 moreLearn how to configure Microsoft Azure connectivity and name resolution with this course instructed by a Cloud Academy expert.
In this course, you will learn two different ways to connect virtual networks together. The course starts by teaching you how to set up peering between virtual networks, then moves on to show you how to connect two VNets using a virtual network gateway. Once you have mastered network connections, you will learn how to use Azure DNS to configure custom domain names for the resources in your VNets. Finally, we will move on to learning how to set up both public and private DNS zones.
This course is essential for those looking to train enterprise teams since, by default, Azure virtual networks are isolated from each other and only have a rudimentary form of name resolution. To build useful networks in Azure, you will need to connect these virtual networks together. To make them easier to manage, you will need to implement custom name resolution.
This course is made up of 7 lectures with an introduction and conclusion to aid in reviewing what you have learned throughout the course.
Learning Objectives
- Configure Azure virtual network peering
- Create a virtual network gateway and use it to connect two VNets
- Configure Azure DNS to handle name resolution
Intended Audience
- Those looking to become Azure cloud architects
- Those preparing for Microsoft’s AZ-100 or AZ-102 exam
Prerequisites
- Basic knowledge of Azure virtual networks
Additional Resources
- The GitHub repository for this course is at https://github.com/cloudacademy/azure-networks-and-dns
Before Microsoft released virtual network peering, the main method of connecting two VNets together was to use virtual network gateways. This method isn't needed nearly as much now since VNet peering is a lot easier, but there are still circumstances when it can be useful.
Now I'll show you how to create a VNet-to-VNet connection. I'll warn you that it can take 45 minutes or more to create a gateway. So if you're going to follow along on your own Azure account, keep that in mind. A virtual network gateway needs to be deployed in its own subnet, so let's create one. Go into your first VNet, and select Subnets from the Settings menu. Then click add Gateway subnet. It helpfully names it GatewaySubnet for you. This specific name is actually required in order for Azure to recognize it as the gateway subnet. For the address range, you won't need 251 IP addresses. Microsoft recommends using either 27 or 28 for the length of the subnet mask, so change the suffix to 28. This still gives you 11 usable addresses. Then click OK. Now add a gateway subnet to the second VNet as well. All right, now we're going to create a gateway. In the Search bar, type gateway. Then select Virtual network gateways. Click Add. Call it gw1. We're not using ExpressRoute, so leave the gateway type as VPN. Leave the VPN type as Route-based. For the SKU, which is the pricing tier, since this is just a test, change it to Basic. Click Virtual network, and select your first VNet. You have to assign a public IP address to the gateway, so type a name for it. I'll call it gw1pip. Then click Create. Now add a gateway in the second VNet. I'll fast-forward.
All right, both gateways have been deployed. Now we can create the connections between them. Go to the first gateway. Select Connections from the Settings menu, and click Add. Type a name for the connection, such as vnet1-vnet2. Leave the connection type as VNet-to-VNet. It already set this gateway as the first virtual network gateway. Click on the second one, and choose gw2. Now it wants a shared key to encrypt the connection. This is kind of weird. Where are you supposed to get the key from? Well, normally VPN gateways are used to connect to VPN devices at an on-premises location. So in that case, you'd get the key from the VPN device. But in this case, we're connecting to another VPN gateway, so we have to make up our own key. It can be anything as long as it's just letters and numbers. If you were doing this for a production system, then you'd want to use a good key. But since this is just a demo, I'm going to use abc.
Then click OK. Now we have to create a connection in the other direction as well. This time I'll call it vnet2-vnet1. We have to put the same key here that we put in the first connection. It takes a little while before they're fully connected, so I'll fast-forward again. You might need to refresh your browser. When the connections have succeeded, their status will change to Connected. To verify that traffic is flowing between them, click on a connection and look at the Data in and Data out numbers. They should be above zero, which they are. And that's it for virtual network gateways.
Guy launched his first training website in 1995 and he's been helping people learn IT technologies ever since. He has been a sysadmin, instructor, sales engineer, IT manager, and entrepreneur. In his most recent venture, he founded and led a cloud-based training infrastructure company that provided virtual labs for some of the largest software vendors in the world. Guy’s passion is making complex technology easy to understand. His activities outside of work have included riding an elephant and skydiving (although not at the same time).