A while ago I read about how to connect VMs between two VNets and it was nasty: before we could create a VPN tunnel we had to open Endpoints (punch holes through firewalls) and hope for the best!
Since TechEd NA 2014, we have had new functionality where we can connect two VNets, in the same or different data centers, in the same or different regions, or in the same or different subscriptions, via an encrypted & secure VPN tunnel.
As usual, this stuff is announced normally via blogs (it was mentioned in the TechEd keynote I think) and finding instructions can be fun. The first few guides I found were messy, involving exporting VNet configs, editing XML files, and importing configs.
You do not need to do this to set up a simple configuration to connect two VNets. I looked at the instructions, used my experience from site-to-site VPNs with Azure, and tried out a method that uses a temporary local network to enable you to create the VPN gateway and gateway VIPs for each VNet – these are required to create a local network for each VNet. We use local networks to define the details (public VPN IP address and routable private network IP address) of the network that will connect to a VNet.
I tried my method and it worked. And then I found instructions on MSDN that are similar to the method that I used. My method:
- Create the two VNets
- Create a temporary local network with made up gateway IP address (public VPN IP) and address space (private network address that will route to the VNet subnets)
- Configure each VNet to allow site-to-site VPN connections from the temporary local network
- Enable the gateway with dynamic routing on each VNet. This can take 15-20+ minutes for Azure to do for you. Plan other work or a break for this step.
- Record the address space and gateway IP address of both VNets
- Create a local network for each VNet – use the Gateway IP Address and Address Space of the VNet for the details of its local network
- Modify the site-to-site VPN configuration of each VNet to dump the temporary local network and use the local network of the other VNet – you’re telling the VNet the details of the other VNet for connection and routing
- Use Azure PowerShell cmdlets to run Set-AzureVNetGatewayKey. This will be used to configure a common VPN shared key for both VNets.
- Wait … the VPN connection will start automatically … there might be a failure before or just after you set the shared key. Be patient, and one VNet might show a connected status before the other. Be patient!
And that’s it. There is a FAQ on this topic. I’ll be publishing some deeper articles on the subject on Petri.com in the next few weeks.
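The last two steps as an added example, not code from the original post: generate a random shared key instead of typing a guessable one, set it on both gateways, and poll until both sides report a connection. The VNet and local network names are placeholders, and the sketch assumes an authenticated Azure PowerShell (Service Management) session whose current subscription holds both VNets; the key length and the 15-minute timeout are choices made here.

```powershell
# Placeholder names (assumptions): replace with your own VNets and with the
# local networks you created to describe each of them.
$vnet1 = 'VNet1'; $local1 = 'VNet1-Local'   # local network describing VNet1
$vnet2 = 'VNet2'; $local2 = 'VNet2-Local'   # local network describing VNet2

# Build the pre-shared key from 32 bytes of OS-provided randomness,
# hex-encoded so it contains only letters and digits (64 characters).
$bytes = New-Object byte[] 32
$rng = [System.Security.Cryptography.RandomNumberGenerator]::Create()
try { $rng.GetBytes($bytes) } finally { $rng.Dispose() }
$sharedKey = -join ($bytes | ForEach-Object { $_.ToString('x2') })

# Each gateway is keyed against the local network of the *other* VNet,
# and both sides must receive the same key.
Set-AzureVNetGatewayKey -VNetName $vnet1 -LocalNetworkSiteName $local2 -SharedKey $sharedKey
Set-AzureVNetGatewayKey -VNetName $vnet2 -LocalNetworkSiteName $local1 -SharedKey $sharedKey

# Poll both VNets until each reports Connected, or give up after 15 minutes.
# One side commonly shows Connected before the other.
$deadline = (Get-Date).AddMinutes(15)
do {
    $states = foreach ($v in $vnet1, $vnet2) {
        Get-AzureVNetConnection -VNetName $v |
            Select-Object @{n='VNet';e={$v}}, LocalNetworkSiteName, ConnectivityState
    }
    $states | Format-Table -AutoSize
    $pending = @($states | Where-Object { $_.ConnectivityState -ne 'Connected' })
    if ($pending.Count -gt 0) { Start-Sleep -Seconds 30 }
} while ($pending.Count -gt 0 -and (Get-Date) -lt $deadline)

# Do not leave the key sitting in the session once both gateways have it.
Remove-Variable sharedKey, bytes
```

If the VNets live in different subscriptions, switch the current subscription before each `Set-AzureVNetGatewayKey` and `Get-AzureVNetConnection` call and keep the key in the variable until both sides are set.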
Not much news for you to read today:
After a month of neglect, I have finally caught up with all of my feeds via various sources. Here are the latest bits of news, mixed up with other Microsoft happenings from the last month.
It’s been a long time since I posted one of these! I’ve just trawled my feeds for interesting articles and came up with the following. I’ll be checking news and Twitter for more.
- What Is Microsoft Azure RemoteApp? Learn about this new RDS offering in Microsoft Azure
- What are Hyper-V Virtual Machine Integration Services? My post on the Petri IT Knowledgebase
- What are Hyper-V Extended Port ACLs? My post on the Petri IT Knowledgebase
- Killing A Frozen Windows Server 2012 Hyper-V Virtual Machine: My post on the Petri IT Knowledgebase
- Performing Out-Of-Band File Copies to Hyper-V Virtual Machines: My post on the Petri IT Knowledgebase
- Hyper-V Router Guard and DHCP Guard Explained: My post on the Petri IT Knowledgebase
- Getting Started with Microsoft Azure Automation: Automation via PowerShell is the future. Learn how Microsoft Azure does it.
- How to Deploy a Non-Clustered Hyper-V Host: Part 1 of a series by me on the Petri IT Knowledgebase.
- SQL 2014 Licensing Update: The objective of this article is to review the publicly available documentation available on SQL Server. LOTS of changes, particularly for license mobility within server farms.
- Cluster Shared Volume Performance Counters: This gargantuan post covers performance monitoring of a CSV.
- Announcing the Data Classification Toolkit for Windows Server 2012 R2! A kit to help you control access to files.
- Recommended hotfixes, updates, and known solutions for Windows Server 2012 and Windows Server 2012 R2 Hyper-V Network Virtualization (HNV) environments: This article documents recommended hotfixes, product updates, and known solutions that are currently available for Windows Server 2012 and Windows Server 2012 R2 Hyper-V Network Virtualization (HNV) environments.
- VDS Basic Provider event ID 1 is logged on a Hyper-V guest operating system: A KB article for when you have W2008 R2 or Windows 7 running as a guest OS and you get Event ID 1 from the source of System/VDS Basic Provider.
- FIX: Backups are unsuccessful when you use Microsoft Azure Online Backup: When you try to back up data by using Microsoft Azure Online Backup, the backup process is unsuccessful.
- Update rollup package adds features to Microsoft Azure Online Backup in System Center 2012 SP1 DPM and in Windows Server 2012: This article describes an update rollup package that adds the following features to the Microsoft Azure Online Backup for Microsoft System Center 2012 Service Pack 1 (SP1) Data Protection Manager (DPM) on a computer that is running Windows Server 2012.
- ODX file transfers run slower than expected in Windows Server 2012: Microsoft is currently investigating some performance improvements for the TRIM and the UNMAP commands. However, this functionality is very dependent on the storage vendors’ implementation. Therefore, you should make sure that your storage software and firmware are up to date.
- Emulex driver and firmware update: The latest news from Hyper-V.nu on the shockingly awful lack of responsiveness to a critical failure by Emulex, affecting most blade customers trying to use WS2012 R2 Hyper-V.
- Ubuntu 14.04 in a Generation 2 VM: Canonical’s Ubuntu 14.04 was the first Linux release to support running inside of a Generation 2 virtual machine. Note that CentOS 7 and RHEL 7 have also joined the generation 2 VM club.
- Allowing non-Administrators to control Hyper-V–Updated: It’s really easy to delegate Hyper-V administration rights on WS2012 and WS2012 R2 Hyper-V
- How to get the best disk performance with Linux on Hyper-V: Based on information from Best Practices for running Linux on Hyper-V.
- Can you run Windows Server 2012 R2 on Windows Server 2008 R2? No.
- Azure Site Recovery – FAQ: Pay attention to the details. This service might not be for you unless some serious changes are made by Microsoft.
- The VMM team wants you…to tell us what you want: Be nice 🙂
- VDI VMs deployed through RDS do not appear in the VMM 2012 console: After you create Virtual Desktop Infrastructure (VDI) based virtual machines (VM) in new Collections by using Remote Desktop Services (RDS), the VM intermittently fails to show up in the System Center 2012 Virtual Machine Manager (VMM 2012) console.
- Contribute your feature suggestions for Windows Azure Pack! A smaller audience, but still …
- Public IP Address Requirements within a Windows Azure Pack environment: Giving VMs access to the net.
- Operations Manager team – Looking to talk to Storage, Network or Application Administrators: These areas need development in the monitoring space.
This presentation was an introduction for IT pros to deploying hybrid cloud solutions based on Microsoft Azure, in conjunction with on-premises Hyper-V / System Center deployments. Here’s the deck that I presented … and yes … there are LOTS of slides because there is constantly new stuff in Azure.
You might have heard of “The Hyper-V Amigos” podcast – this is something that has a history that runs back quite a while with a number of us European Hyper-V MVPs. Carsten (Rachfahl) and Didier (Van Hoye) asked Hans Vredevoort and me to join them in their latest show to talk about TechEd North America 2014.
A few bits and pieces from the last 24-48 hours:
Not much going on in the last 24 hours:
It’s been a slow few days for news. Here’s what popped up overnight.