Over the last few years working with Azure, and in particular working with the new portal, I have run into multiple people, including IT professionals, who have had difficulty deploying a Virtual Network (VNET) with a Virtual Network Gateway. The instructions below are the ones that I have provided to assist with solving this.
NOTE: This guide will include some assumptions about the IP Address space and subnets used, but feel free to adjust the numbers accordingly to fit your needs.
- You must have an Azure account – you can start with the free trial
Reading Material and References
The following links are excellent references to read either before you follow the guide further down or after you have completed it (I recommend before).
- About VPN gateways
- VPN Gateway FAQ
- Create a VNet with a Site-to-Site VPN connection using the Azure Portal and Azure Resource Manager
- About VPN devices for Site-to-Site VPN Gateway connections
Steps to Follow
1. Create a Virtual Network in Azure using the resource manager by going to ‘New’ then ‘Networking’ and selecting Virtual Network. You will then select your deployment model (I suggest Resource Manager) and click ‘Create’:
2. Now you will be able to specify the settings for your Virtual Network. Add an identifiable name, so you will know what it is used for when you see it. Input an Address Space (note: all the subnets in your VNET must be fully contained in this address space and should not overlap with one another). I used 10.1.0.0/16, which gives an address space of 10.1.0.0 to 10.1.255.255. Input a name for your first Subnet (I left mine as the default). Then input the Subnet address range; remember that it needs to be contained within the address space above. I used 10.1.0.0/24, which gives me 256 IP addresses (10.1.0.0 to 10.1.0.255).
3. Scroll down and choose the subscription you wish to create the VNET in, create a new Resource Group with a name, and choose the region of Azure you wish to deploy into, then click ‘Create’. You may want to check the box to have the VNET show up on your opening dashboard for easy reference.
4. Wait for the VNET to finish being created.
5. Now you need to create a Gateway Subnet for your future Virtual Network Gateway. Open your newly created VNET either by clicking on the icon on your dashboard or by going to All Resources and finding it in the list (the settings will open automatically):
6. Wait for this operation to complete.
7. Now you will create a Virtual Network Gateway and select the VNET that you previously created. You can start this by clicking on ‘New’ then scrolling down to ‘Virtual Network Gateway’:
8. Click on Public IP Address and create a public IP (note: this will just be a name and Azure will assign you an IP Address):
9. Either create a new Resource Group or select an existing resource group for the gateway (I used the same one as my VNET):
10. Make sure you have Route-Based or Policy-Based selected (as needed) and click ‘Create’.
That’s it, it is that simple.
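The address rule from step 2 (every subnet inside the VNET address space, none overlapping), as an added example that is not part of the original guide: a Python check you can run on an address plan before entering it in the portal. The 10.1.255.0/27 gateway range and the `apps` subnet are constructed sample values, and the check for a subnet named `GatewaySubnet` reflects the name Azure requires for the gateway's subnet.

```python
import ipaddress

def check_vnet_plan(address_space, subnets):
    """Return a list of problems in a VNET address plan (empty list = valid).

    subnets maps subnet name -> CIDR string.
    """
    space = ipaddress.ip_network(address_space)
    problems, parsed = [], {}
    for name, cidr in subnets.items():
        try:
            # strict parsing rejects ranges with host bits set, e.g. 10.1.0.5/24
            net = ipaddress.ip_network(cidr, strict=True)
        except ValueError as exc:
            problems.append(f"{name}: invalid range {cidr!r} ({exc})")
            continue
        parsed[name] = net
        # Step 2: every subnet must be fully contained in the address space
        if net.version != space.version or not net.subnet_of(space):
            problems.append(f"{name}: {net} is not contained in {space}")
    # Step 2: subnets must not overlap with one another
    names = sorted(parsed)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            if parsed[a].overlaps(parsed[b]):
                problems.append(f"{a} ({parsed[a]}) overlaps {b} ({parsed[b]})")
    # Step 5: the gateway needs its own subnet (Azure requires this exact name)
    if "GatewaySubnet" not in subnets:
        problems.append("no subnet named 'GatewaySubnet' for the gateway")
    return problems

def describe(cidr):
    """Return (first address, last address, address count) for a CIDR range."""
    net = ipaddress.ip_network(cidr)
    return str(net[0]), str(net[-1]), net.num_addresses

ADDRESS_SPACE = "10.1.0.0/16"  # from the guide
# Constructed sample plans; only 10.1.0.0/24 comes from the guide.
GOOD_PLAN = {"default": "10.1.0.0/24", "GatewaySubnet": "10.1.255.0/27"}
BAD_PLAN = {"default": "10.1.0.0/24", "apps": "10.1.0.128/25",
            "GatewaySubnet": "10.2.0.0/27"}

if __name__ == "__main__":
    print(describe(ADDRESS_SPACE), describe(GOOD_PLAN["default"]))
    for label, plan in (("good", GOOD_PLAN), ("bad", BAD_PLAN)):
        print(label, check_vnet_plan(ADDRESS_SPACE, plan) or "OK")
```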