By Dolly Sharma.tec 4, 2022
In this blog post, let’s go through the detailed steps for configuring the connectivity between Google Cloud Platform (GCP) and Azure with the help of VPN, so that you can migrate your workload from Azure to GCP or Multi -Cloud workload on both platforms.
Before you start
- An Azure account with an active subscription and a project on GCP.
- Make sure you have needy admin roles to carry out the activities below according to Links: GCP and Azure.
- VPC network (virtual network on Azure) and subnets are already made in that GCP and Azure.
- On GCP, the firewall rule must be added for the traffic flow (computer science and gene) between Azure and GCP.
- On Azure, the security group must be confidence for traffic flow and subnetver reproduction.
- Faced with a public IPv4 address for your VPN device.
Topology
Here is a diagram that shows the connectivity between GCP and Azure, together with the various components that make it work.
- Google Cloud VPC network: A single virtual network within a single Google Cloud project.
- IP external address or Google Cloud Peer -address: IP external addresses using Peer VPN devices To determine is VPN with Google Cloud. IP -External addresses are automatically assigned, one for every gateway interface within a Google Cloud project.
- Dynamic routing: Google Cloud Dynamic Routing for VPN using the Border Gateway Protocol (BGP). Note that HA VPN only supports dynamic routing.
- Ha VPN: This is a cloud VPN with a high availability with which we can safely connect to on-premises networks with our private networks on GCP via an IPSEC VPN connection.
- Virtual network gateway: Azure VPN gateways offer cross-premises connectivity between customer buildings and Azure. We implement our virtual network gateway, which will be used to create a VPnel to Oulle environment. This is used in the “gatewaysubnet”
- Site-to-site (IPSEC): Compost by a ‘VPN Gateway’, for local gateway and a ‘connection’, makes it possible to send encrypted traffic between a vnet of an Azure and a location on the premises, this public internet.
Be in your hands
Now let’s implement the VPN tunnel at both ends.
- Log into the Azure Portal
- Make a virtual network gateway
2. Then I make VPN connection on GCP. First I select the type of VPN connection as high availability (ha),
The I make cloud ha vpn gateway. I give name (GCP-VPN-Gateway), VPC (VPC-1) and a region (US-East1).
3. After the VPN gateway has been made, you will be assigned these two public IP addresses. Note the IPs because we will use them later.
4. Let’s now make the pear configuration. I select Add a pear vpn gateway And choose one interface. Under Peer VPN Gateway Interfaces I add the IP address of the previously made virtual virtual private gateway for Interface 0 IP address.
You can follow the same steps to add addionic tunnels for high availability or added capacity.
Create Peer VPN Gateway:
4. Then I select VPN tunnel and configure the BGP session.
4. Create BGP session on GCP
5. Make a local gateway network with GCP information
I make a local network gateway with GCP information, we can repeat the same steps for the second local network gateway by offering the second IP address high availability or extra capacity.
6. Connect using virtual network gateway and local network gateway
7. Validate connectivity
At the moment, your VPN connection shows a tunnel with the status set.
Go back to Azure and check whether the connecting status is connected.
Conclusion
In this blog we learned about the requirements for making the site for site VPN between Azure and GCP. We also have a discussion
Best practices
Limits
References
The original article published on medium.
