hands-on lab

Connect Azure Virtual Networks with VNet-to-VNet VPN Connections

Intermediate
2h
2,187
4.5/5
Get guided in a real environmentPractice with a step-by-step scenario in a real, provisioned environment.
Learn and validateUse validations to check your solutions every step of the way.
See resultsTrack your knowledge and monitor your progress.
Lab description

Azure virtual networks (VNets) connected with a VNet-to-VNet connection can communicate through a secure IPSec/IKE encrypted tunnel using Azure's backbone network without ever traversing the public internet. VNet-to-VNet connections can connect VNets in different regions, Azure subscription, and associated with different Microsoft Entra tenants. VNet-to-VNet connections are ideal for setting up your own geo-replication or synchronization with secure connectivity over Azure's backbone network and for connecting VNets in multi-tier applications with isolation or administrative requirements between tiers.

In this lab, you will establish a VNet-to-VNet connection to allow a virtual machine to access another virtual machine in a different VNet.

Lab Objectives

Upon completion of this lab, you will be able to:

  • Understand VNet-to-VNet connections and when you would prefer them over other methods for connecting VNets
  • Create VPN gateways using the Azure Portal and Azure CLI
  • Configure VNet-to-VNet connections between VPN gateways
  • Test VNet-to-VNet connection connectivity

Lab Prerequisites

You should be familiar with:

  • Basic understanding of Azure networking concepts including VNets, subnets, and network security groups
  • Working with at the command line in Linux and having prior experience with the Azure CLI is beneficial

You can fulfill the prerequisites by completing the Introduction to Azure Virtual Networking Course and the Linux Command Line Byte Session Learning Path.

Updates

January 18th, 2023 - Updated lab screenshots to reflect the latest UI

July 10th, 2023 - Updated lab instructions and screenshots to reflect the latest UI

September 28th, 2022 - Updated the lab to use the Cloud Academy Web Terminal

September 16th, 2021 - Corrected the name of a resource appearing in the portal's search results

Environment before
Environment after
About the author
Avatar
Logan Rakai
Lead Content Developer - Labs
Students
212,303
Labs
223
Courses
9
Learning paths
55

Logan has been involved in software development and research since 2007 and has been in the cloud since 2012. He is an AWS Certified DevOps Engineer - Professional, AWS Certified Solutions Architect - Professional, Microsoft Certified Azure Solutions Architect Expert, MCSE: Cloud Platform and Infrastructure, Google Cloud Certified Associate Cloud Engineer, Certified Kubernetes Security Specialist (CKS), Certified Kubernetes Administrator (CKA), Certified Kubernetes Application Developer (CKAD), and Certified OpenStack Administrator (COA). He earned his Ph.D. studying design automation and enjoys all things tech.

LinkedIn, Twitter, GitHub

Covered topics
Lab steps
Logging in to the Microsoft Azure Portal
Understanding the Azure VNet-to-VNet Scenario
Creating an Azure VPN Gateway in the Portal
Logging In to the Azure CLI in the Web Terminal
Creating an Azure VPN Gateway with the Azure CLI
Establishing the VNet-to-VNet VPN Connection
Validate Connect Azure Virtual Networks with VNet-to-VNet VPN Connections