In this blog post, we shall take a deeper look into the Azure VMware Solution network connectivity between the Azure VNet for accessing Azure native services such as Bastion, Azure AD, SQL etc. and further connectivity to the On-premise network to migrate virtual machines or hyrbid setup.
Step 1 & 2 – Connectivity between Azure VMware Solution (AVS) – Express Route to Azure VNet
- After the deploying the AVS we need to connect it to the Azure VNet for consuming Azure Native Services such as Bastion, SQL, AAD etc.
- Note AVS pre-deploys the ExpressRoute for you (AVS – Manage – Connectivity – Express Route).
- We need to have a Virtual Network Gateway (VNG) existing on Azure VNet, or we need to create one. All steps to be performed under portal.azure.com
- Deploy the Virtual Network Gateway (VNG) on Azure subscription
- Make sure you have a VNG created on Azure VNET
- Give it a name – AZ104-VNG01
- Resource Group – Select New or existing
- Location – Australia East
- SKU – Standard (for demo and testing purposes)
- Virtual Network – Select the existing VNET (E.g. 10.0.0.0/16) for Azure. Note it will create the Gateway Subnet automatically (10.x.x.x/24)
- Type – ExpressRoute
- Public IP Address – Create New (It will auto assign a public IP)
- Optional Create Tags
- Save and Create
- Under AVS – Connectivity – Express Route
- Request the Authorization key
- Name – ToAzureVNET
- Copy the Key and Express Route ID
- Request the Authorization key
- Open the VNG (AZ104-VNG01) and Settings – Connections
- Click on Add
- Name – FromAVSPrivateCloud
- Connection Type – Express Route
- Enter the Authorization Key and Express Route ID and paste them here
- Click OK
- The Status will change from Updating to Succeeded
- Now we have the connectivity between the AVS and Azure VNet.
Step 1 & 3 – Connectivity between Azure VMware Solution – ExpressRoute Global Reach to On-premise networks
- Now we will establish the connectivity between AVS and On-premise networks
- ExpressRoute Circuits – This is the coming from On-premise into Azure VNet
- This will depend upon the partner network (Equinix, Telstra etc.)
- Note there are different type of Peerings available. Select based on your design – Azure ExpressRoute Overview: Connect over a private connection | Microsoft Docs
- Azure Private – We are going with this option at the moment
- Azure Public (Public IP address required)
- Microsoft (Office 365 etc.)
- Click under Settings – Authorizations
- Click on Add
- Name – AuthorizationforAVS
- Copy the Authorization Key
- Copy the Resource ID, which is the Express Route Circuit ID
- Under AVS – Connectivity – ExpressRoute Global Reach
- Click on Add
- Select the Subscription and Resource Group
- Copy and paste the Authorization key and Express Route Circuit ID
- Click Create
- It will show as Connected
Useful Quick Start Links
The intention here is to get you a few useful links on the Networking on Azure VMware Solution:
| Description | Links |
| AVS Network Setup – Video from Trevor Davis | Azure VMware Solution – Network Setup – YouTube |
| VMware Documentation – Using Azure ExpressRoute with AVS | Designlet: Using Azure ExpressRoute with Azure VMware Solution for On-premises Connectivity | VMware |
| Azure ExpressRoute Pricing | Pricing – ExpressRoute | Microsoft Azure |
| Previous Blog post – Mindmap AVS Networking guidance | Mindmap – Azure VMware Solution – Guidance on Deployment and Networking | AskAresh |
| ExpressRoute Private Peeting | GitHub – microsoft/Deploy-and-Optimize-Azure-ExpressRoute-Private-Peering: This deployment guide is focused on helping you deploy and optimize the Azure private peering, which enables connectivity between your private network and your Azure VNets over ExpressRoute. |
I hope you will find this helpful information on your AVS Networking journey. Please let me know if I have missed any steps or good reference links, and I will be happy to update the post.
Thanks,
Aresh Sarkari
Leave a Reply