Configuring a VNet-to-VNet VPN gateway connection using PowerShell
The VNet-to-VNet connection type is for linking virtual networks. The virtual networks can be in the same or different subscriptions, and in the same or different regions. When you connect VNets from different subscriptions, the subscriptions do not have to be associated with the same Active Directory tenant.
VNet-to-VNet
Setting up a VNet-to-VNet connection is a simple way to connect VNets. Using the VNet-to-VNet connection type (VNet2VNet) to link a virtual network to another virtual network is analogous to setting up a Site-to-Site IPsec connection to an on-premises site. Both connection types use a VPN gateway to establish a secure tunnel using IPsec/IKE, and both communicate in the same way.
Site-to-Site (IPsec)
If your network configuration is complex, you may prefer to connect your VNets using the Site-to-Site steps rather than the VNet-to-VNet steps. When you use the Site-to-Site steps, you create and configure the local network gateways manually.
VNet peering
You might want to consider using VNet peering to connect your VNets. VNet peering differs from the VPN-based connection types in that it does not use a VPN gateway and has different limits.
Which VNet-to-VNet steps to use?
In this article, you see two different sets of steps.
VNets that are in the same subscription: the configuration steps use TestVNet1 and TestVNet4.
VNets that are in different subscriptions: the configuration steps use TestVNet1 and TestVNet5.
How to connect VNets that are in the same subscription?
- Plan your IP address ranges
- Create and configure TestVNet1
- Create and configure TestVNet4
- Create the connection
How to connect VNets that are in different subscriptions?
- Create and configure TestVNet1
- Verify the IP address ranges
- Create and configure TestVNet5
- Create the connections
Verify a connection
Use the cmdlet example below, changing the values to match your own. If prompted, select 'A' to run 'All'. In the example, '-Name' is the name of the connection you want to test.
Get-AzVirtualNetworkGatewayConnection -Name VNet1toSite1 -ResourceGroupName TestRG1
After the cmdlet has finished, view the values. In the example below, the connection status shows as ‘Connected’ and you can see ingress and egress bytes.
"connectionStatus": "Connected",
"ingressBytesTransferred": 33509044,
"egressBytesTransferred": 4142431
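The same check can be scripted so that every connection is judged against the same criteria instead of being read by eye. This is an added example, not taken from the reference documentation: the function name Test-VpnConnectionHealth, the connection-type check and the second sample connection are assumptions, and the sample objects are constructed rather than real cmdlet output.

```powershell
# Added example. Test-VpnConnectionHealth is a hypothetical helper name.
function Test-VpnConnectionHealth {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory, ValueFromPipeline)]
        [object]$Connection,
        # Assumption: the connection was created with the VNet-to-VNet type.
        [string]$ExpectedType = 'Vnet2Vnet'
    )
    process {
        $findings = @()
        if ($Connection.ConnectionStatus -ne 'Connected') {
            $findings += "status is '$($Connection.ConnectionStatus)', expected 'Connected'"
        }
        if ($Connection.ConnectionType -ne $ExpectedType) {
            $findings += "type is '$($Connection.ConnectionType)', expected '$ExpectedType'"
        }
        # A tunnel can report Connected while carrying nothing in one direction;
        # that case deserves a look at routing and the planned address ranges.
        if ([long]$Connection.IngressBytesTransferred -eq 0) { $findings += 'no ingress traffic seen' }
        if ([long]$Connection.EgressBytesTransferred -eq 0) { $findings += 'no egress traffic seen' }

        [pscustomobject]@{
            Name     = $Connection.Name
            Healthy  = ($findings.Count -eq 0)
            Findings = $findings -join '; '
        }
    }
}

# Constructed sample objects (not real output). The first reuses the values
# shown above; the second is a made-up connection that never came up.
$samples = @(
    [pscustomobject]@{ Name = 'VNet1toSite1'; ConnectionType = 'Vnet2Vnet'
        ConnectionStatus = 'Connected'
        IngressBytesTransferred = 33509044; EgressBytesTransferred = 4142431 }
    [pscustomobject]@{ Name = 'ExampleDownConnection'; ConnectionType = 'Vnet2Vnet'
        ConnectionStatus = 'NotConnected'
        IngressBytesTransferred = 0; EgressBytesTransferred = 0 }
)
$samples | Test-VpnConnectionHealth | Format-Table -AutoSize -Wrap

# Against a live gateway, pipe the cmdlet from this article into the helper:
# Get-AzVirtualNetworkGatewayConnection -Name VNet1toSite1 -ResourceGroupName TestRG1 |
#     Test-VpnConnectionHealth
```

For a VNet-to-VNet pair, run the check against the connection on each gateway, since each side reports its own status and byte counters.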
Reference documentation – Configure a VNet-to-VNet VPN gateway connection using PowerShell