Watching in 2023. The Azure portal has changed a bit, but the information it's still relevant. Great tutorial perfectly explained, one of the best I have seen. Thanks!
Thank you for the Video, descriptive and up to date 1. Create Resource Group 2. Create Virtual network 3. Create Local Network gateway 4. Create Public Ip Address 5. Create Virtual Network gateway 6. Create Connection 7. Create VM for testing Azure 8. Configure RRAS on local Windows server 9. Add Static route in RRAS 10. Test with RDP to a VM in Azure
Good video ..it would be better if you could add steps to connect to vpn from windows 10 machine as most of the time you wish to add vpn from home and most of home users use windows10
Perfect video tutorial. Why you used Dynamic public IP instead Static public IP? And why you didn't use "Basic" SKU for Virtual Network gateway? It's more cheaper and sufficient for one connection. Thanks.
Thank You. Great explanation but I have one doubt. How to set up traffic forwarding on an on-premise gateway VM / device in such a way that when receiving traffic from Azure intended for a different on-premise VM other then the gateway VM
Great video thanks. When you create the /26 and /28 subnets on the /24 network, does that mean that all traffic on any of these subnets can freeley get to the other subnets?
@ConsulCat Can we connect Azure Linux or other VMs on the same VNET from the On-Premises Windows server after doing the steps you have demonstrated or we need to perform any other steps?
This is one of the best explainer videos I've ever seen. Do you have a video on Azure DNS Private Resolver? I like to Resolver Azure VM from on-prem and vice versa. Thank you very much
I ran into an issues. I wasn't able to rdp with the internal IP but I was able to ping just from the OnPrem Server. Any server/windows from onPrem not able to ping the az-vm. Where should I start troubleshoot?
I used this process ,connection is up both sides,but while lambda function trying to connect with azure private flexible postgres server private dns it couldn't resolve private dns, while trying with private ip it getting login rejected, do know how to resolve it ?
your explanation is really good, simply super. one question is in real time, in general, do we use on-prem image copy? do we use Router/ NAT to connect to on-prem VM's?
On the on-premise router you would have to port forward ports 500 & 4500 to the IP address of the RRAS Servers "External" facing interface. Note: Normally, a RRAS Server has 2 interfaces (nics). One is "Internal" i.e. facing the Servers on the Hyper-V host and one "External" facing the rest of the on-premise devices. However, whilst having 2 NIC's is good design and practice its not compulsory. directaccess.richardhicks.com/tag/dual-nic/
Great video explaining a Site-to-Site VPN with Azure. One note though, I noticed in your RRAS setup, you were using 255.255.0.0 for your 10.0.0.0/24 Azure subnet, any idea why?
Thank you for a great demo. I am new to this so I would like to know if it is possible to do the same two-way access using Azure point-to-site vpn? I was testing using point-to-site and seems like I can only go from on-prem to Azure VNET only? Thanks again.
Dear Sir, I have Setup Everything is fine .when i Open Routing and Remote Access when I click to Dial Connection then the Connection not Establishing why. How to fix Please!
On-prem, I can access my Azure VM from the server that hosts RRAS, but I cannot connect from any other server in the active directory to the Azure VM. How would you handle this?
On any on-premise Server that is NOT the RRAS Server you need to create a Static route using a command (DOS) prompt in Administrative mode. An example entry would be: route ADD 10.0.0.0 MASK 255.255.0.0 192.168.0.24 metric 2 -p You also need to do the same on any Azure based Server that needs to communicate back to the on-premise resources: An example: route ADD 172.16.0.0 MASK 255.255.0.0 192.168.0.53 metric 2 -p Note that you would have to alter the IP addresses to suit your on-premise & Azure setup. How to add and delete static routes www.howtogeek.com/howto/windows/adding-a-tcpip-route-to-the-windows-routing-table/ How to add static routes to enable communication across a VPN tunnel: backupbits.wordpress.com/2019/03/27/creating-a-site-to-site-vpn-between-your-lab-azure/
What about Azure VM, azure VM can only access the RRAS server, but not any other on-prem servers, should we route add ? If yes which gateway IP should I use?
Watched in 2024. So, precise tutorial. No bullshit and unwanted explanation. Subscribed to your channel. Thanks.
Watching in 2023. The Azure portal has changed a bit, but the information it's still relevant.
Great tutorial perfectly explained, one of the best I have seen.
Thanks!
Thank you for the Video, descriptive and up to date
1. Create Resource Group
2. Create Virtual network
3. Create Local Network gateway
4. Create Public Ip Address
5. Create Virtual Network gateway
6. Create Connection
7. Create VM for testing Azure
8. Configure RRAS on local Windows server
9. Add Static route in RRAS
10. Test with RDP to a VM in Azure
Precise !! Thank you
Very direct and simple teaching. Thank you
good video, watched and followed in 2024 March, all steps are same except for few subnet requirements which is a simple modification. thanks :)
this is the most clear explanation i can see so far. Good Job mate!
Works very well... some options has changed but it's still very relevant. Thanks alot.
Many thanks! Helped me setup a site to site with my router itself without having to setup RRAS!
Lovely speaker, excellent demo, clear and concise
Very clear step-by-step tutorial. This is best that I have seen/found about azure tutorials. Excellent job!!!
Good video ..it would be better if you could add steps to connect to vpn from windows 10 machine as most of the time you wish to add vpn from home and most of home users use windows10
i love the way you present:
very clear about the steps.
I have been trying to get details explanation like this. Indeed it happened now. Thank you so much.
Perfect video tutorial. Why you used Dynamic public IP instead Static public IP? And why you didn't use "Basic" SKU for Virtual Network gateway? It's more cheaper and sufficient for one connection.
Thanks.
Yes even i could not find basic VPN Sku in Console and could not find any documentation to create it via powershell.
Thanks for making this concept so simple.
very informative and simple. a million thanks wouldn't be enough man!!!
yes great explanation
Your explanation is really good. Would request you to share further videos ( Azure ).
We use a Sonicwall, but this method is a great alternative and cheaper to boot. Nice work.
Easy to undestand. very well explained. thank you sir
easy to understand video on Azure site to site VPN
Great and easy wat to establish the Azure Site to Site VPN
Very clear explanation, Thank You
Very very nice explanation. You are awesome!!
Thanks , nice explanation, i able to do each step clearly and establish connection between on prem and Azure , thanks alot :D
Thank you very much for the video. It is very much useful. I really appreciate your efforts to put out this video
Wonderful
very quick and easy to understand thanks for the video
Awesome stuff i have my work cut out just on these two videos , two day project lets get it on.
Thank you so much for this video. Clear explanation and to the point. Appreciate it
You are the man thank you!
Very Very good Video and i'm planning try my self
Thank You. Great explanation but I have one doubt. How to set up traffic forwarding on an on-premise gateway VM / device in such a way that when receiving traffic from Azure intended for a different on-premise VM other then the gateway VM
Thank you so much! Very clearly explained in perfect detail
Super cool video, please continue creating these vids
You shared share onprem drive to Azure VM, Is it possible Can i map azure VM drive to OnPrem ?
A really great tutorial, thank you!
PS: "Indivisa manent" 😉
Great content and very helpful, thank you.
Great video thanks. When you create the /26 and /28 subnets on the /24 network, does that mean that all traffic on any of these subnets can freeley get to the other subnets?
Great clear video thanks, one thing I don't understand is why does there need to be a default subnet?
Amazing Video. Very clear and concise. Thank You @ConsulCat
Many thanks for the great tutorial.
Thanks for this amazing explaination.
Great video. Clear and to the point.
best explanation!! thanks for the great video
@ConsulCat
Can we connect Azure Linux or other VMs on the same VNET from the On-Premises Windows server after doing the steps you have demonstrated or we need to perform any other steps?
This is one of the best explainer videos I've ever seen. Do you have a video on Azure DNS Private Resolver? I like to Resolver Azure VM from on-prem and vice versa. Thank you very much
Thanks for such a nice explanation.
Thanks, I can create the tunnel reference with you video
I ran into an issues. I wasn't able to rdp with the internal IP but I was able to ping just from the OnPrem Server. Any server/windows from onPrem not able to ping the az-vm. Where should I start troubleshoot?
Amazing tutorial!
Thank you sir.. Well explained
Great video, very well done.
I used this process ,connection is up both sides,but while lambda function trying to connect with azure private flexible postgres server private dns it couldn't resolve private dns, while trying with private ip it getting login rejected, do know how to resolve it ?
This is a great video. However, I would like to know if client vpn is not necessary instead of using remote desktop connection ?
how to setup cryptos for phase1 and 2? when the IPSec tunnel is up, how to configure tunnel IP address on both ends?
Could you please explain why you've set the gateway subnet to 10.0.0.96/28?
Arbitrary, you can use any LAN subnet you wish.
Very Good and thanks for you help..
Nice but for you connected a AD in equal subnet RRAS, do you think necessary additional anything in route RRAS? that’s Brazil
Can we use one virtual network gateway to connect to both AWS and on-prem?
Well Explained .
Great, thanks!
If I have on premises server of ubuntu, then in this case what need to be done
your explanation is really good, simply super. one question is in real time, in general, do we use on-prem image copy? do we use Router/ NAT to connect to on-prem VM's?
Great Video! this same process when creating a resource for ASHUB? this is kind of guide im looking very detailed. Thank you Sir!
great
ON perm server is there public ip assigned or port forward used and if use port forwarding which ports are needed.
On the on-premise router you would have to port forward ports 500 & 4500 to the IP address of the RRAS Servers "External" facing interface.
Note: Normally, a RRAS Server has 2 interfaces (nics). One is "Internal" i.e. facing the Servers on the Hyper-V host and one "External" facing the rest of the on-premise devices. However, whilst having 2 NIC's is good design and practice its not compulsory.
directaccess.richardhicks.com/tag/dual-nic/
Great video explaining a Site-to-Site VPN with Azure. One note though, I noticed in your RRAS setup, you were using 255.255.0.0 for your 10.0.0.0/24 Azure subnet, any idea why?
255.255.0.0 is called network mask. please Google yourself about CIDR and Network Mask. You will get it 🙂
@ConsulCat Same question, 10.0.0.0/24 having C class and subnet suppose to be 255.255.255.0 ?
@@sysarchitect3232 it can be whatever you want to allocate
Thank you for a great demo. I am new to this so I would like to know if it is possible to do the same two-way access using Azure point-to-site vpn? I was testing using point-to-site and seems like I can only go from on-prem to Azure VNET only? Thanks again.
On-prem, I can access my Azure VM from the server that hosts RRAS, but I cannot connect from any other server from On-prem to Azure VM
how about ikev1 connection? i get error 'The template parameter 'connectionMode' is not found' when try to create ikev1.
Dear Sir, I have Setup Everything is fine .when i Open Routing and Remote Access when I click to Dial Connection then the Connection not Establishing why. How to fix Please!
Please help, mere pass multiple VNet main multiple resources hai, kya main in sab ko ek hi vpn se access kar sakta hu to kaise?
Thank you
quick question, is creating Public IP in Azure is safe for Azure VM? can hackers hack the system ? any alternative way to use S2S VPN?
Hi bro... thanks for this video.
I have one doubt my vpn is connected but RDP is not working may i know what is the mistake I done.
Check the firewall rules. Or Switch off the firewall in the destination server and try rdp
Thanks a million. Nice one
when you create an ip address like you did at 7:50 don't you need to assign that public ip address somewhere?
He assigned it in the VPN Gateway, created afterwards. On "IP Address", select "Use existing" and choose the Public IP resource.
That was useful. Thank you.
What is the requirements for the on prem RRAS server? Does it have to be on the DMZ? or using NAT port forwarding?
is it required to Configure RRAS on local Windows Server?
Thank you 🙏🏻
I failed to connect to vm. Can you tell me what might be the reason?
Nice. Liked.
Awesome, Thanks
doesn't seem to work for me, it says on both sides its connected but i cant access on premise resources :(
does anybody have an idea ?😭
couldn't find rras on my local windows Can you tell how to do it
Same issue, can anyone help?
thank you
On-prem, I can access my Azure VM from the server that hosts RRAS, but I cannot connect from any other server in the active directory to the Azure VM. How would you handle this?
On any on-premise Server that is NOT the RRAS Server you need to create a Static route using a command (DOS) prompt in Administrative mode. An example entry would be:
route ADD 10.0.0.0 MASK 255.255.0.0 192.168.0.24 metric 2 -p
You also need to do the same on any Azure based Server that needs to communicate back to the on-premise resources: An example:
route ADD 172.16.0.0 MASK 255.255.0.0 192.168.0.53 metric 2 -p
Note that you would have to alter the IP addresses to suit your on-premise & Azure setup.
How to add and delete static routes
www.howtogeek.com/howto/windows/adding-a-tcpip-route-to-the-windows-routing-table/
How to add static routes to enable communication across a VPN tunnel:
backupbits.wordpress.com/2019/03/27/creating-a-site-to-site-vpn-between-your-lab-azure/
@@dbrooker8918 thanks. One of the most thorough responses I have received on RUclips.
What about Azure VM, azure VM can only access the RRAS server, but not any other on-prem servers, should we route add ? If yes which gateway IP should I use?
Too much information and lot of confusion **