Azure Hub and Spoke Virtual Network (VNet) with a VPN Gateway

Рет қаралды 20,795

Күн бұрын

In this video, we create a hub and spoke network in Azure by peering our spoke VNet’s to a centralized, Hub Virtual Network. Then we use a VPN Virtual Network Gateway to enable gateway transit connectivity between the spokes. Next, we configure routing with Azure Route Tables and User Defined Routes (UDR) to send traffic going to other spokes to the hub. Then we log into a virtual machine and verify connectivity.
00:00 - Start
03:22 - Create the Gateway
05:54 - Peer With the Gateway
08:36 - Configure the Routing Table
14:27 - Test Connectivity
Links:
Zero to Hero with Azure Virtual Desktop www.udemy.com/course/zero-to-...
Hybrid Identity with Windows AD and Azure AD www.udemy.com/course/hybrid-i...
Site to Site VPN with a Windows RRAS Server • Site-to-Site Azure VPN...
An Introduction to VNet Peering in Azure • An Introduction to Vir...
Spokes Communication learn.microsoft.com/en-us/azu...

Пікірлер: 25

@gpltaylor Жыл бұрын

Amazing video. one of the best, shortest, for profession by profession videos... Most videos on this topic, insist on walking you over "what is a VNET". This get's to the point fast!

@Ciraltos Жыл бұрын

Glad you liked it!

@tendaimusonza9547 Жыл бұрын

liked the video right from the first few seconds of introduction ,great

@smeyyappan 11 ай бұрын

Awesome ! You make everything look so simple. That is Great !!! 🙂 Thank you May God bless you.

@neeharikagv2812 Жыл бұрын

Thank you so much for this video. This was one question during my interview few days ago. Also I didn’t understand what exactly is ‘hop’ which makes sense now from this video. Thank you Sir..

@joaquincotilla2747 Ай бұрын

Great video, thanks. Now, the same video but a Azure Firewall, please.

@asitha106 Жыл бұрын

clear and complete, thank you!

@tog7861 Жыл бұрын

Thank you so much for putting this together. I have been trying to figure out my vnet to s2s vnet routing for hours and could only find resources talking about azure vnet to vnet, but you talking about route table made it all click! Duh! Why didn't I think, "I wonder if there is a route table"

@SOTOSKAWASAKI Жыл бұрын

Great video, I did not know one could use a VPN Gateway as a router. Having said that, regarding what you said about being complicated by the need to create a route table per vnet, if you are using a third party NVA in the Hub network, you can create only one route table with the default route pointing to NVA ip address. Then this could make things much simpler. Of course you need the proper configuration on the NVA itself.

@abelcarvajalgil6705 Жыл бұрын

great video, the explication is ease

@bshwjt 8 ай бұрын

Awesome & easy

@peacejon2019 Жыл бұрын

Great Videos man 🙌🙌🙌🙌🙌 continue doing the Lord's work.... Can you do something on Azure Landing Zone?

@user-qh5it2kf6h Жыл бұрын

Agradecer por el contenido!!!

@mradbilel7268 Жыл бұрын

Thanks for the video , is there a difference between configuring the peering from the HUB ? otherwise why you choose to create the peering from Spoke to peering ?

@bloknath6800 Ай бұрын

Great video. Is it possible to connect spoke1 to spoke2 without UDR or direct peering?

@prasantchettri133 Жыл бұрын

Are you using VPN gateway as cost effective example for VWAN over S2S or ER?

@kannanswaminathan8210 Жыл бұрын

Short and lot of details. Thanks a lot. I have an issue. I have hub and spoke model. i have a vm in hub and a vm in spoke. i use point to site. The issue is, i am able to RDP the vm on Hub but not able to control/RDP the vm on Spoke. Both the vnet's are peered. What could be the issue?

@roneyr9522 3 ай бұрын

Hi Travis, I want to use a point-to-site vpn tunnel with vpn gateway to connect to four different azure subscriptions. What would be my best approach. Also I don't want these resources to share any data or connectivity with other subscriptions like dev and prod.

@stevenaudy9323 Жыл бұрын

Hi Travis, what about this scenario ? hub and spoke1 have own vnet gateway. how to set the route table ? i tried set it next hop to virtual network gateway, it's not connected.

@user-bb5rh4py1h Жыл бұрын

Morning Travis! can I ask why you dont recommend this for production? in terms of using the Gateway for the transitive routing as I use a similar set up in my production environment thank in advance

@Ciraltos Жыл бұрын

Hub and spoke is the preferred way to connect multiple VNets. The caution is about using a VNet gateway as the router. VNet gateways are made to encrypt traffic and although they will work, Microsoft recommends against it. learn.microsoft.com/en-us/azure/architecture/networking/spoke-to-spoke-networking?WT.mc_id=AZ-MVP-5004159#pattern-2-spokes-communicating-over-a-network-appliance

@user-bb5rh4py1h Жыл бұрын

@@Ciraltos Thanks for your responsem what about in a site to site context using the virtual network gateway transit setting in the VNETs peered to the HUB is that considered ok for production?

@user-wu7xh1fc2q 6 ай бұрын

Wouldn't this cause delay because the traffic goes from the virtual network to other virtual network through the hub each time ? And this would get worst with any additional virtual network added to the system?