Site-to-Site VPN Connection between Azure and AWS Demo


Step 1: Configuring Azure

  1. Create a resource group on Azure in which to deploy the resources

Resource Group Name: Azure-Aws

Region: East-US

  2. Create Virtual Network

Resource Group Name: Azure-Aws

Region: East-US

VNet Name: vnet-azure

VNet IPv4 Address Space: 172.20.0.0/16

Subnet Name: subnet-01

Subnet IPv4 Address Space: 172.20.1.0/24

  3. Create the VPN Gateway

VPN Gateway Name: VPN-Azure-Aws

Region: East-US

Gateway Type: VPN

SKU: default

Generation: Generation 1

Virtual Network: vnet-azure

Public IP Address: pip-vpn-Azure-Aws

Public IP Address Type: default

Assignment: Static

Enable active-active mode: Disabled

Configure BGP: Disabled

Configuring AWS

  4. Create the Virtual Private Cloud (VPC) in AWS

Name: my-awsvpc-01

IPv4 CIDR: 10.20.0.0/16

  5. Create a subnet inside the VPC (Virtual Network)

Name: my-awssubnet-01

VPC Name: my-vpc-01

VPC IPv4 CIDR: 10.20.0.0/16

IPv4 CIDR: 10.20.1.0/24

  6. Create a customer gateway pointing to the Public IP Address of the Azure VPN Gateway

IP address: Public IP Address of Azure VPN Gateway

Keep everything else as default.

  7. Create the Virtual Private Gateway, then attach it to the VPC

Name: vpg-Aws-Azure

  8. Create a site-to-site VPN Connection

Name: VPN-Aws-Azure

Target gateway type: Virtual private gateway (select the virtual private gateway created in step 7)

Customer gateway: Existing (select the customer gateway created in step 6)

Routing options: Static

Static IP prefixes: 172.20.1.0/24

Leave the rest as default.

  9. Download the configuration file

Vendor: Generic

Platform: Generic

Software: Vendor Agnostic

In this configuration file you will find the shared keys and the public IP address for each of the two IPSec tunnels created by AWS.

Connecting Azure and AWS

  10. Create the Local Network Gateway in Azure

Name: Azure-Aws-tunnel-1

Resource Group Name: Azure-Aws

Region: East-US

IP address: Get the Outside IP address from the configuration file downloaded

Address Space(s): 10.20.0.0/16

 

Name: lng-Azure-Aws-tunnel-2

Resource Group Name: Azure-Aws

Region: East-US

IP address: Get the Outside IP address from the configuration file downloaded

Address Space(s): 10.20.0.0/16

 

  11. Create the connection on the Virtual Network Gateway in Azure

Name: connection-Azure-Aws

Connection Type: Site-to-Site

Local Network Gateway: Select the Local Network Gateway that you created in step 10.

Shared Key: Get the Shared Key from the configuration file downloaded in step 9.

Wait until the Connection Status changes to Connected.

In the same way, check in the AWS Console whether the first tunnel of the Virtual Private Gateway is UP.

  12. Create an Internet Gateway and attach it to the VPC in AWS

Name: my-internet-gateway

  13. Now let's edit the route table associated with our VPC

Add the route to the Azure subnet through the Virtual Private Gateway

Destination: 172.20.1.0/24

Target: Virtual Private Gateway that we created.

Or enable route propagation.

Also add a route to the Internet Gateway:

Destination: 0.0.0.0/0

Target: Internet Gateway that we created in step 12.

  14. Create VMs in both Azure and AWS and test the connection.
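
Before testing, the address plan and the AWS route table from the steps above can be checked offline. The following is an added example, not part of the original post: it uses the CIDRs from this walkthrough, while the function names and target labels are hypothetical and the implicit "local" route is the one AWS places in every VPC route table.

```python
import ipaddress as ip

# Values taken from the walkthrough above.
AZURE_VNET = ip.ip_network("172.20.0.0/16")
AZURE_SUBNET = ip.ip_network("172.20.1.0/24")
AWS_VPC = ip.ip_network("10.20.0.0/16")
AWS_SUBNET = ip.ip_network("10.20.1.0/24")
VPN_STATIC_PREFIX = ip.ip_network("172.20.1.0/24")  # static prefix on the AWS VPN connection
LNG_ADDRESS_SPACE = ip.ip_network("10.20.0.0/16")   # Azure Local Network Gateway

# AWS route table after the route table step (target labels are illustrative).
AWS_ROUTES = [
    (AWS_VPC, "local"),
    (ip.ip_network("172.20.1.0/24"), "virtual-private-gateway"),
    (ip.ip_network("0.0.0.0/0"), "internet-gateway"),
]


def check_plan():
    """Return a list of problems in the address plan (empty means consistent)."""
    problems = []
    if AZURE_VNET.overlaps(AWS_VPC):
        problems.append("Azure VNet and AWS VPC overlap; tunnel routing is ambiguous")
    if not AZURE_SUBNET.subnet_of(AZURE_VNET):
        problems.append("Azure subnet is outside the VNet address space")
    if not AWS_SUBNET.subnet_of(AWS_VPC):
        problems.append("AWS subnet is outside the VPC CIDR")
    if not VPN_STATIC_PREFIX.subnet_of(AZURE_VNET):
        problems.append("AWS static prefix does not point into the Azure VNet")
    if not AWS_SUBNET.subnet_of(LNG_ADDRESS_SPACE):
        problems.append("Local Network Gateway address space misses the AWS subnet")
    return problems


def next_hop(dest, routes=AWS_ROUTES):
    """Longest-prefix match, the rule a VPC route table uses to pick a target."""
    addr = ip.ip_address(dest)
    matches = [(net, target) for net, target in routes if addr in net]
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def uncovered_azure_ranges():
    """Azure VNet ranges that the AWS side does not route into the tunnel."""
    return list(AZURE_VNET.address_exclude(VPN_STATIC_PREFIX))


if __name__ == "__main__":
    print("plan problems:", check_plan() or "none")
    for dest in ("172.20.1.4", "172.20.2.4", "10.20.1.10"):
        print(dest, "->", next_hop(dest))
    print("not routed via VPN:", [str(n) for n in uncovered_azure_ranges()])
```

With the routes as configured, AWS traffic to any Azure address outside 172.20.1.0/24 follows the default route to the Internet Gateway instead of the tunnel, so a subnet added to the VNet later also needs its own static prefix and route.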

 
