Journey to ARM–Part II – Creating the VPN gateway

The starting point for connecting an Azure VNET to your on-premises environment is a VPN gateway. In the classic Azure portal, the experience is relatively easy and well documented on the internet. As you may or may not know, there is no user interface to create the VPN gateway under ARM, so you have to use PowerShell to do so. Below you will find a script that will do it for you. Before you jump to it, take some time to understand the steps. For demo purposes, I will detail the creation of the gateway for a test VNET called overcastvnet in a resource group called demorg.

Let’s create the Resource Group and the VNET:

image

If your VNET already exists and you just need to add the gateway subnet, you can run the lines below:

image

The next step is to create a local network, which basically tells the gateway which networks are on the other side of the connection.

image

After that, we need to create an external IP for the Azure gateway. Once provisioned, this will be the IP you are going to use on the other end (on-premises or another VNET).

image

Next, select which subnet will be used for the gateway and assign the configuration to the gateway:

image

And finally, create the gateway. Make sure you select the right type, either static or dynamic:

image

This should take a while.

The last step is to establish the actual connection:

image

And there you have it!

image

Find the script here.
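The steps above run end to end, as an added example (this is not the author's linked script). It assumes the current Az PowerShell module and an authenticated session (Connect-AzAccount); apart from overcastvnet and demorg, every name, region, address range and SKU is a constructed placeholder.

```powershell
# Added example, not the original script. Assumes the Az module and Connect-AzAccount.
$rg       = 'demorg'
$vnetName = 'overcastvnet'
$loc      = 'East US'                  # assumed region
$onPremIp = '203.0.113.10'             # constructed: public IP of the on-premises VPN device
$onPremPrefixes = @('192.168.0.0/24')  # constructed: networks behind that device

# 1. Resource group and VNET. The gateway subnet must be named exactly 'GatewaySubnet'.
New-AzResourceGroup -Name $rg -Location $loc
$subnets = @(
    New-AzVirtualNetworkSubnetConfig -Name 'default' -AddressPrefix '10.10.0.0/24'
    New-AzVirtualNetworkSubnetConfig -Name 'GatewaySubnet' -AddressPrefix '10.10.255.0/27'
)
New-AzVirtualNetwork -Name $vnetName -ResourceGroupName $rg -Location $loc `
    -AddressPrefix '10.10.0.0/16' -Subnet $subnets

# 1b. Existing VNET: add only the gateway subnet instead of step 1.
# Get-AzVirtualNetwork -Name $vnetName -ResourceGroupName $rg |
#     Add-AzVirtualNetworkSubnetConfig -Name 'GatewaySubnet' -AddressPrefix '10.10.255.0/27' |
#     Set-AzVirtualNetwork

# 2. Local network: tells the gateway which networks are on the other side.
$local = New-AzLocalNetworkGateway -Name 'onprem-lng' -ResourceGroupName $rg -Location $loc `
    -GatewayIpAddress $onPremIp -AddressPrefix $onPremPrefixes

# 3. External IP for the Azure gateway (the address the remote end connects to).
$pip = New-AzPublicIpAddress -Name 'overcast-gw-pip' -ResourceGroupName $rg -Location $loc `
    -Sku Standard -AllocationMethod Static

# 4. Bind the gateway subnet and the public IP into the gateway IP configuration.
$vnet     = Get-AzVirtualNetwork -Name $vnetName -ResourceGroupName $rg
$gwSubnet = Get-AzVirtualNetworkSubnetConfig -Name 'GatewaySubnet' -VirtualNetwork $vnet
$ipConfig = New-AzVirtualNetworkGatewayIpConfig -Name 'gwipconfig' `
    -SubnetId $gwSubnet.Id -PublicIpAddressId $pip.Id

# 5. Create the gateway. Static routing = PolicyBased, dynamic routing = RouteBased.
$gw = New-AzVirtualNetworkGateway -Name 'overcast-gw' -ResourceGroupName $rg -Location $loc `
    -IpConfigurations $ipConfig -GatewayType Vpn -VpnType RouteBased -GatewaySku VpnGw1

# 6. Connection. Prompt for the pre-shared key so it never lands in the script or source control.
$secure = Read-Host -Prompt 'IPsec pre-shared key' -AsSecureString
$psk    = [System.Net.NetworkCredential]::new('', $secure).Password
New-AzVirtualNetworkGatewayConnection -Name 'overcast-to-onprem' -ResourceGroupName $rg `
    -Location $loc -VirtualNetworkGateway1 $gw -LocalNetworkGateway2 $local `
    -ConnectionType IPsec -SharedKey $psk
Remove-Variable psk, secure

# Check the tunnel state once the on-premises device is configured with the same key.
(Get-AzVirtualNetworkGatewayConnection -Name 'overcast-to-onprem' -ResourceGroupName $rg).ConnectionStatus
```

Keep the local network prefixes limited to the on-premises ranges that actually need to reach the VNET, since they define what the gateway routes across the tunnel.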

The next article will discuss copying storage from your legacy storage accounts to the new ARM storage.

Hope it helps!