In this section, we are going to discuss how to connect virtual networks to each other.
- It's important to understand how Azure implements security across virtual networks. By default, a machine in one virtual network cannot communicate with a machine or any other resource on another virtual network.
- Any storage resource can be reached through its public endpoint and associated keys. But if you have associated your storage account with a private endpoint on a virtual network, you will find that a virtual machine on another network cannot communicate with it.
- But that doesn't stop networking. We can set up a peering relationship between the two networks.
- Here, I have selected the private network, which I created in the last module.
- Here, I will click on Peerings as highlighted.
- Now, I will click on Add.
- Here, we have to define the network connection from one network to the other.
- Let's give it a name first.
- Here, we are using the Resource Manager model, of course.
- If we want to connect to a network in another subscription, we can check the checkbox. This is also known as the Resource ID model.
- Next, I have selected another virtual network, rahul-vnet.
- Now, we need to give a name for the reverse connection as well. Therefore, I will call it "Rahul-VM-2-To-1".
- Next, we have the option of allowing traffic in both directions or in only one direction.
- I have kept it enabled for both directions.
- Now, there is also the concept of forwarded traffic. Forwarded traffic is traffic that comes from another source and wants to get to VM 1 or VM 2.
- This means there is another peering relationship in which traffic from a third source wants to go to 1, and the other way as well.
- We also have the gateway transit setting. If we want to set up a network gateway, this will allow us to go across the VPN when we want to connect to a corporate network or ExpressRoute.
- Once I click OK, it starts a dual deployment.
- This means it is deploying the peering relationship on one side and also on the other side. The peering is now set up successfully, as shown below.
- If I go to the other network and check its peerings, I can see that the other direction has been set up as well.
- We are also going to deal with network security groups, which block certain types of traffic travelling over the network. We are also going to look at firewalls and other settings.
- Simply peering these two networks lets each of them know that the other network's IP address range exists and how to get traffic there.
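
An added example, not part of the original walkthrough: a Python check over the JSON that `az network vnet peering list -o json` prints for each side, flagging the settings discussed above (one-way access, forwarded traffic, gateway transit) and a missing reverse link. The resource IDs and the names `vnet-1` and `Rahul-VM-1-To-2` are constructed placeholders.

```python
import json

# Constructed sample data in the shape of `az network vnet peering list -o json`.
# Subscription, resource group, "vnet-1" and "Rahul-VM-1-To-2" are placeholders.
BASE = "/subscriptions/0000/resourceGroups/rg-demo/providers/Microsoft.Network/virtualNetworks/"
VNET1, VNET2 = BASE + "vnet-1", BASE + "rahul-vnet"
SIDE_1 = json.loads("""[{"name": "Rahul-VM-1-To-2", "peeringState": "Connected",
  "allowVirtualNetworkAccess": true, "allowForwardedTraffic": true,
  "allowGatewayTransit": false, "useRemoteGateways": false,
  "remoteVirtualNetwork": {"id": "%s"}}]""" % VNET2)
SIDE_2 = json.loads("""[{"name": "Rahul-VM-2-To-1", "peeringState": "Connected",
  "allowVirtualNetworkAccess": true, "allowForwardedTraffic": false,
  "allowGatewayTransit": false, "useRemoteGateways": false,
  "remoteVirtualNetwork": {"id": "%s"}}]""" % VNET1)


def audit(local_id, local_peerings, remote_peerings):
    """Return (peering name, finding) pairs for settings worth reviewing."""
    findings = []
    for p in local_peerings:
        name = p["name"]
        if p.get("peeringState") != "Connected":
            findings.append((name, "not-connected"))
        # Forwarded traffic: packets that did not originate in the peer VNet.
        if p.get("allowForwardedTraffic"):
            findings.append((name, "forwarded-traffic-allowed"))
        # Gateway transit extends reachability to VPN / ExpressRoute networks.
        if p.get("allowGatewayTransit") or p.get("useRemoteGateways"):
            findings.append((name, "gateway-transit"))
        # The portal deploys both sides; confirm the reverse link really exists.
        back = [r for r in remote_peerings
                if r["remoteVirtualNetwork"]["id"].lower() == local_id.lower()]
        if not back:
            findings.append((name, "no-reverse-peering"))
        elif not (p.get("allowVirtualNetworkAccess")
                  and all(r.get("allowVirtualNetworkAccess") for r in back)):
            findings.append((name, "one-way-access"))
    return findings


if __name__ == "__main__":
    for local_id, mine, theirs in ((VNET1, SIDE_1, SIDE_2), (VNET2, SIDE_2, SIDE_1)):
        for name, finding in audit(local_id, mine, theirs):
            print(f"{name}: {finding}")
```
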
Thanks for joining me. In the next section we will delve further into this topic. Till then stay tuned and happy coding.