Contents

Virtual Network Peering

Connect two isolated vNets using vNet Peering and validate routing and connectivity.

Lab Overview

This lab covers how to enable connectivity between two virtual networks. Each virtual network is an isolated environment until we allow communication. Here, we will see how to configure vnet peering to enable communication between two virtual networks. Virtual network peering is supported within and across regions. In this lab, we will create peering between two virtual networks, verify route updates and reachability between the peered networks.

Lab Diagram

Diagram

Check connectivity between virtual networks

So far you have configured two virtual networks from labs 1 and 3. Let’s try to reach virtual machines across the two peers.

  1. From the Azure portal, go to the Virtual machines page

  2. Note the Public IP of VM vnet1-vm-mgmt1

  3. Note the public IP of VM vnet-hub-vm1

  4. Connect to virtual machine vnet1-vm-mgmt1 using its public IP

    ssh <username>@<Public_IP_of_VM>

  5. Try to ping private IP of virtual machine vnet-hub-vm1

  • Did the ping succeed?
  • Why?

Peer virtual networks

  1. In the Search box at the top of the Azure portal, begin typing vnet1. When vnet1 appears in the search results, select it.

  2. Go to Settings → Peerings, and then select + Add, as shown in the following picture:

    add

  3. Enter, or select, the following information, accept the defaults for the remaining settings, and then select OK

    Setting Value
    Name of the peering from vnet1 to remote virtual network peer-vnet1-to-vnet-hub
    Subscription Select your subscription
    Virtual network vnet-hub
    Name of the peering from vnet-hub to vnet1 peer-vnet-hub-to-vnet1
    Allow forwarded traffic from vnet1 to vnet-hub Enabled
    Allow forwarded traffic from vnet-hub to vnet1 Enabled

  4. Verify the peering status. This should show as Connected.

    verify

    Now verify the routes in vnet1.

  5. Go to the virtual machine vnet1-vm-mgmt1 page and go to Settings → Networking tab

  6. Click on the network interface name. See the screenshot below to find the NIC name.

    verify

  7. The route table should show a route added to the table for network 10.0.0.0/16. The next hop type for this route shows Vnet peering.

    next hop

Verify reachability between peered vNets

Let’s try to reach virtual machines across the two peers.

  1. From the Azure portal, go to the Virtual machines page

  2. Note the Public IP of VM vnet1-vm-mgmt1

  3. Note the public IP of VM vnet-hub-vm1

  4. Connect to virtual machine vnet1-vm-mgmt1 using its public IP

    ssh <username>@<Public_IP_of_VM>

  5. Try to ping private IP of virtual machine vnet-hub-vm1

  • Is the ping successful?
  • Which rule was used? Verify the nsg rules.

Help us improve

Azure Citadel is a community site built on GitHub, please contribute and send a pull request

 Make a change