Site To Site (Project Document) - AWS To AZURE.

Uploaded by

venkatreddy54313

Site to Site VPN

AWS to Azure
Configuring Azure.
1. Create a resource group on Azure to deploy the resources into.
(a).
(b).
(C). Choose your subscription, give the name of the resource group and select the region.
In my case:-

Resource group name:- rg-azure-aws.

Region:- Canada Central.
(D). Review + create.
(E). After validation passes successfully, press Create.

2. Create the virtual network.

(A). Search for "virtual network" in the search bar and select it.

(B). Select Create in Virtual networks.

(C). In the Basics section, select the subscription, select the resource group which we created previously, give the name of the virtual network and press Next.
In my case the name of the virtual network:-

1. Name:- vnet-azure.

2. Region:- Canada Central.

(D). In the IP addresses section, give the VNet IP address.

* VNet IPv4 address space:- 172.10.0.0/16
(E). Select Add subnet.
(F). Give the subnet name and starting address, e.g. 172.10.1.0/24, and press the Add button.
(G). Select Review + create.
(H). Select Create.

(Step 3):- Create the gateway subnet.

(A). In the VNet which we created in our resource group, select Subnets.

(B). Select the gateway subnet.

(C). Give the subnet name and subnet address range, and select the Save option.

(Step 4):- Create the VNet gateway.

(A). Search for "virtual network gateway" in the search bar and select it.
(B). Select the Create option to create the VNet gateway.

(C).
VNet gateway name:- vpn-azure-aws.
Region:- Canada Central.
Gateway type:- VPN.
SKU:- VpnGw1.
Generation:- Generation1.
Virtual network:- vnet-azure.
Public IP address name:- pip-vpn-azure-aws.
Enable active-active mode:- Disable.
Configure BGP:- Disable.
(D). Select Review + create.
(E). Select Create.
Note:- It will take 15 to 20 minutes.

Configuring AWS.

(Step 5):- Create the virtual private cloud (VPC) in AWS.

(A). Search for VPC in the search bar and select it.

(B). Select Create VPC.

(C). Select VPC only, give the name of the VPC and give the IPv4 CIDR.
Then select the Create option.
(Step 6):- Create a subnet in the VPC.
(A). In the VPC section, select the Subnets option.

(B). Select Create subnet.

(C). In the subnet section, select the VPC which we created.
(D). After selecting the VPC, give the subnet name, select the availability zone, give the IPv4 subnet CIDR block and select the Create option.
(Step 7):- Create a customer gateway pointing to the public IP address of the Azure VPN gateway.
(A). In the VPN section, select Customer gateways.

(B). Select Create customer gateway.

(C). Give the name of the customer gateway and the IP address.
Note:- Use the public IP address of the Azure VPN gateway; keep everything else as default.

For this public IP address, you can go to the Azure VPN gateway and copy the IP address.
(Step 8):- Create a virtual private gateway, then attach it to the VPC.
(A). In the VPN section, select Virtual private gateways.

(B). Select Create virtual private gateway.

(C). Give the name of the virtual private gateway, keep all the settings as default, and select Create virtual private gateway.

(D). Currently this virtual private gateway is in the detached state; we need to attach it to the VPC. Select the VPG and, from the Actions button, select the Attach to VPC option.
(E). Select our VPC and choose Attach to VPC.
Now our VPG is attached to the VPC.

(Step 9):- Create a site-to-site VPN connection on AWS.

(A). In the VPN section, select Site-to-Site VPN connections.
(B). Select Create VPN connection.

(C). Give the name of the VPN connection.

* Target gateway type:- Virtual private gateway.
* Select the virtual private gateway.
* Customer gateway:- Existing.
* Select the customer gateway ID.
* Routing option:- Static.
Static IP prefix:- Copy this IP address and put it in the static IP prefix section on AWS.
* Leave the rest as they are and select Create VPN connection.

Note:- This VPN connection is currently in the Pending state; it will take some time to create.
* The state has changed to Available.

* If you go to Tunnel details, we get 2 tunnels by default, and the state of the tunnels is Down; they are still not up.
* So we need to configure the tunnel.
(Step 10):- Download the configuration file.
(A). Select the VPN connection.
(B). Select the Download configuration option.
(C). Select the options mentioned below.
* Vendor:- Generic.
* Platform:- Generic.
* Software:- Vendor Agnostic.
* IKE version:- ikev1.
* Select the Download option.
* This will download a TXT file. This is how the file looks.
* In this configuration file you will note that there are the shared key and the public IP address.

(Step 11):- Connecting Azure and AWS.

(A). Create the local network gateway in Azure.
* Search for "local network gateway" in the search bar and select it.
(B). Select the Create option.

(C). Select the subscription and resource group and give the name of the local network gateway.
* Endpoint:- IP address.
* IP address:- Get the IP address from the configuration file downloaded in the 10th step.
* Address space:- Specify the address range of your AWS VPC.
(D). Select the Review and create option.
(Step 12):- Create the connection on the virtual network gateway in Azure.
(A). Go to the virtual network gateway and select the one which we created.

(B). Select the Connections option.

(C). Currently we don't have any connection, so we need to choose the Add option to establish a connection.

(D). Select a subscription and resource group.

* Connection type:- Site to Site.
* Name:- connection-azure-aws.
* Select:- Next setting.

(E). In the Settings section.

* Select the virtual network gateway.
* Local network gateway.
* Shared key (PSK):- Get the shared key from the configuration file downloaded in the 10th step.
* Select Review and create.
* Select Create.

* Wait till the connection status changes to Connected.
In the same way, check in the AWS console whether the 1st tunnel of the virtual private gateway is up.

(Step 13):- Create an internet gateway and attach it to the VPC in AWS.

(A). In the Virtual private cloud section, select Internet gateways.

(B). Select Create internet gateway.

(C). Give the name of the internet gateway and select the internet gateway.

(D). Currently our internet gateway is in the detached state; we need to attach it to the VPC.
* Select the Actions button.
* Select the Attach to VPC option.

* Select our VPC and attach the internet gateway.

* Internet gateway attached successfully.

(Step 14):- Now let's edit the route table associated with our VPC.
(A). In the VPC section, we need to select Route tables.
* Select our VPC, go to the Routes section and select Edit routes.

(B). Give the destination and target.


(Step 16):- Add the ICMP protocol to the inbound rules on both VMs (AWS and Azure).
(A). AWS:-
* Go to EC2, select your instance, go to the Security section and select your security group.
* In the security group, go to the inbound rules section and select Edit inbound rules.

* In the inbound rules, select the Add rule option.

Select type:- All ICMP - IPv4
Port range:- All
Source:- Anywhere
IP address:- 0.0.0.0/0, for over the internet.
* Here your inbound rule is added successfully.

(B). Azure:-
(A). Select your VM and go to the Networking section.
(B). In the network settings, select Create port rule and select Inbound rule.

(C). Select the ICMP rule, keep all the rest of the settings as default and select the Add option.
* Here your ICMP inbound rule is added successfully.
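
A pre-flight check of the address plan and ICMP rule sources used in this walkthrough, as an added example that is not part of the original document. It checks that both address spaces are RFC 1918 private ranges, that they do not overlap, and that each side's ICMP rule source is limited to the peer network. The function name check_plan, the AWS VPC CIDR 10.0.0.0/16 and the Azure rule source are assumptions; 172.10.0.0/16 and 0.0.0.0/0 are the values from steps 2 and 16.

```python
import ipaddress

# RFC 1918 private ranges; anything else is publicly routable address space.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def check_plan(azure_vnet, aws_vpc, icmp_sources):
    """Return a list of findings for a site-to-site address plan.

    icmp_sources maps "aws" / "azure" to the source CIDR of that side's
    inbound ICMP rule.
    """
    nets = {"azure": ipaddress.ip_network(azure_vnet),
            "aws": ipaddress.ip_network(aws_vpc)}
    peer = {"azure": "aws", "aws": "azure"}
    findings = []

    # Address spaces outside RFC 1918 shadow real internet hosts.
    for side, net in nets.items():
        if not any(net.subnet_of(p) for p in RFC1918):
            findings.append(f"{side}: {net} is outside RFC 1918 private space")

    # Overlapping ranges make the static route and the local network
    # gateway address space ambiguous.
    if nets["azure"].overlaps(nets["aws"]):
        findings.append(f"overlap: {nets['azure']} and {nets['aws']}")

    # A ping test across the tunnel only needs ICMP from the peer network.
    for side, source in icmp_sources.items():
        src = ipaddress.ip_network(source)
        peer_net = nets[peer[side]]
        if not src.subnet_of(peer_net):
            findings.append(
                f"{side}: ICMP source {src} is not limited to peer range {peer_net}")
    return findings


if __name__ == "__main__":
    # 172.10.0.0/16 and 0.0.0.0/0 come from the walkthrough; 10.0.0.0/16 and
    # the Azure rule source are constructed sample values.
    for finding in check_plan("172.10.0.0/16", "10.0.0.0/16",
                              {"aws": "0.0.0.0/0", "azure": "10.0.0.0/16"}):
        print(finding)
```

Run against the walkthrough's values, it reports two findings: the VNet range 172.10.0.0/16 is not private address space (the RFC 1918 block is 172.16.0.0/12), and the AWS ICMP rule accepts traffic from any source rather than only from the Azure VNet.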

(Step 15):- Create a VM in both AWS and Azure and test the connection.

*(NOTE)*:- Before testing the connection, disable Windows Defender and the firewall on both VMs (AWS and Azure).
* AWS to Azure.

* Azure to AWS.
