azure

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
azure [2021/10/28 16:49]
rafi 		azure [2021/11/01 19:58] (current)
rafi
Line 22: Line 22:
  
 **In case this range is not automatically filled in:** **In case this range is not automatically filled in:**
 +
   * Go to address space-> +Add   * Go to address space-> +Add
   * Select a random /27 bit mask subnet space (for example 10.1.255.0/27)   * Select a random /27 bit mask subnet space (for example 10.1.255.0/27)
  
-{{ ::httpsfilesreadmeiofa450d0-screenshot2019-05-30at83915.png?nolink&200 |}}+{{::httpsfilesreadmeiofa450d0-screenshot2019-05-30at83915.png?nolink&200|}}
  
 **Creating a Virtual Network Gateway** **Creating a Virtual Network Gateway**
Line 55: Line 56:
 {{::360004661220image3.png?nolink&200|}} {{::360004661220image3.png?nolink&200|}}
  
-**Virtual network:** Select the Virtual network that contains the resources you want to reach via the tunnel.+**Virtual network:**  
 + 
 +Select the Virtual network that contains the resources you want to reach via the tunnel. 
 Select a **Virtual network** to open the **Choose a virtual network** page. Select a **Virtual network** to open the **Choose a virtual network** page.
 +
 If you don't see your VNet, make sure the **Location/Region** field is pointing to the region in which your virtual network is located. If you don't see your VNet, make sure the **Location/Region** field is pointing to the region in which your virtual network is located.
  
Line 62: Line 67:
  
 **Gateway subnet address range:** You will only see this setting if you did not previously create a gateway subnet for your virtual network. If you previously created a valid gateway subnet, this field will not appear. **Gateway subnet address range:** You will only see this setting if you did not previously create a gateway subnet for your virtual network. If you previously created a valid gateway subnet, this field will not appear.
 +
 **Public IP address:** This specifies the public IP address object that's associated with the VPN gateway. The public IP address is dynamically assigned to this object when the VPN gateway is created. **Public IP address:** This specifies the public IP address object that's associated with the VPN gateway. The public IP address is dynamically assigned to this object when the VPN gateway is created.
 +
 **Enable active-active mode:** Disabled. **Enable active-active mode:** Disabled.
 +
 **Configure BGP ASN:** Disabled. **Configure BGP ASN:** Disabled.
 +
 Select **Review+create** to begin creating the VPN gateway. Select **Review+create** to begin creating the VPN gateway.
  
Line 72: Line 81:
  
 **Creating a Local Network Gateway** **Creating a Local Network Gateway**
 +
 1. In the portal, select **+ Create a resource.** 1. In the portal, select **+ Create a resource.**
  
Line 85: Line 95:
  
 4. Fill in the fields with the following information: 4. Fill in the fields with the following information:
 +
 **Name** Your gateway name. **Name** Your gateway name.
-**IP address:** This is the public IP address of the VPN device that you want Azure to connect to. Specify your Perimeter 81 gateway IP. + 
-**Address Space:** Insert your Perimeter 81 subnet (make sure that the ranges you specify here do not overlap with ranges of other networks that you want to connect to).+**IP address:** This is the public IP address of the VPN device that you want Azure to connect to. Specify your Privatise gateway IP, found next to Static IP under "Roc on Demand" in the Managed Company Portal. 
 + 
 +**Address Space:** Insert your Privatise subnet provided to you by support. (make sure that the ranges you specify here do not overlap with ranges of other networks that you want to connect to). 
 **Subscription:** Verify that the correct subscription is showing. **Subscription:** Verify that the correct subscription is showing.
 +
 **Resource Group:** Select the resource group that you want to use. You can either create a new resource group or select one that you have already created. **Resource Group:** Select the resource group that you want to use. You can either create a new resource group or select one that you have already created.
 +
 **Location:** Select a location that this object will be created in. **Location:** Select a location that this object will be created in.
 +
 You may want to select the location in which your Virtual Network resides, however it is not a requirement. You may want to select the location in which your Virtual Network resides, however it is not a requirement.
 +
 **SKU:** Select the gateway SKU from the dropdown. The SKUs listed in the dropdown depend on the VPN you select. **SKU:** Select the gateway SKU from the dropdown. The SKUs listed in the dropdown depend on the VPN you select.
  
Line 101: Line 119:
  
 1. Open your virtual network gateway page. 1. Open your virtual network gateway page.
 +
 2. On the sidebar, select **All resources**. 2. On the sidebar, select **All resources**.
  
Line 117: Line 136:
 **Virtual network gateway:** Since you are connecting from this gateway this value (the IP you received from Azure) is fixed. **Virtual network gateway:** Since you are connecting from this gateway this value (the IP you received from Azure) is fixed.
  
-**Local network gateway:** The local network gateway (your Perimeter 81 network address) which you have just created is the fixed value.+**Local network gateway:** The local network gateway (your Privatise address) which you have just created is the fixed value.
  
-**Shared Key:** the value here must match the value that you are using for your local on-premises VPN device.+**Shared Key:** This will be provided to you by our support team.
  
 The remaining values for **Subscription**, **Resource Group**, and **Location** are fixed as well. The remaining values for **Subscription**, **Resource Group**, and **Location** are fixed as well.
Line 126: Line 145:
  
 {{::httpsfilesreadmeiob6405e8-screenshot2019-05-30at84806.png?nolink&200|}} {{::httpsfilesreadmeiob6405e8-screenshot2019-05-30at84806.png?nolink&200|}}
- 
-**Perimeter 81 Settings** 
- 
-1. Open your Perimeter 81 Management Platform and go to the Network tab. 
- 
-{{::screen_shot_2021-02-17_at_19.31.14_3_.png?nolink&200|}} 
- 
-2. Go to the gateway in your network from which you want to create the tunnel to Azure, select the three-dotted menu (...) beside it, and select Add Tunnel. 
- 
-{{::360009521040image7-newip.jpg?nolink&200|}} 
- 
-3. Select IPSec Site-2-Site Tunnel and select Continue. 
- 
-4. Fill in the fields with the following information: 
- 
-**Name:** Enter a name of your choice. 
- 
-**Shared Secret:** Enter the same Shared secret you set in the Azure Portal. 
- 
-**Public IP:** Enter the Azure Virtual network gateway public IP. 
- 
-**Remote ID:** Enter the Azure Virtual network gateway remote ID. 
- 
-**Perimeter 81 Gateway Proposal Subnets:** Choose the purposed IP range. 
- 
-**Remote Gateway Proposal Subnets:** Enter the Azure Virtual network gateway subnet/range. 
- 
-**Advanced Settings** 
- 
-**IKE Version:** V2 
- 
-**IKE Lifetime:** 1h 
- 
-**Tunnel Lifetime:** 1h 
- 
-**Dead Peer Detection Delay:** 10s 
- 
-**Dead Peer Detection Timeout:** 30s 
- 
-**Encryption (Phase 1) :** aes256 
- 
-**Encryption (Phase 2) :** aes256 
- 
-**Integrity (Phase 1) :** sha1 
- 
-**Integrity (Phase 2):** sha1 
- 
-**Diffie-Hellman Groups (Phase 1):** 2 
- 
-**Deffie-Hellman Groups (Phase 1):** 2 
- 
-{{::untitled-1.jpg?nolink&200|}} 
- 
-5. Select Add Tunnel. 
  
 **Verifying the VPN connection** **Verifying the VPN connection**
Line 192: Line 157:
  
 3. Go to Connections. 3. Go to Connections.
- 
-{{::360004711460image17.png?nolink&200|}} 
  
 4. Select the connection you created. 4. Select the connection you created.
  • azure.1635439772.txt.gz
  • Last modified: 2021/10/28 16:49
  • by rafi