Boost Security & Performance by Connecting Azure hub and spokes VNets with On-Premises Networks

Understand the use of Hub and Spoke topology in Microsoft Azure to connect with on-premises network

Is your network's security airtight? Are you maximizing your performance potential in every connection? If these questions resonate with your concerns, you're in the right place. In this article, we explore the transformative journey of boosting security and performance by connecting Azure Hub and spokes VNets with on-premises networks.

To put it another way, imagine a network with nonexistent security and sharp speed gains. This article reveals the secret to combining Azure hub and spoke VNets with on-premises networks. Think about the options as we examine the subtleties of this relationship. You should be ready for your network's dynamics to dramatically shift.

Curious to explore the key strategies and insights to fortify your network's security while supercharging its performance? Our journey doesn't stop here. Join us in the main article as we unravel the detailed steps, best practices, and real-world applications, ensuring you're equipped with the knowledge to elevate your network to new heights.

Are you ready to revolutionize your network? Let's dive into the world of Azure and witness its game-changing impact on security and performance.

But these are not the only secrets we have in store. Stay with us, and let's embark on a journey to redefine the benchmarks of network excellence. Stay with us, and let's embark on a journey to redefine the benchmarks of network excellence together.

Scenario:

In real business environments, A Head office of an organization and its Branch offices could be in the same city or may be in the different cities. Branch offices have their own functions too but for some of the main tasks they need to contact with their Head office. The same scenario is used in Hub and spoke topology where Hub works like a central point as Head office and spokes work as branch offices. In Microsoft Azure, Hub virtual network can be used as a connectivity point to on-premises networks. that can peer spoke virtual network with the Hub virtual network and in this way, we can also isolate the workloads.

Follow the steps to understand and configure the above discussed scenario in the Microsoft Azure portal.

Create resource Group and virtual networks
Peer virtual networks with each other
Verify connectivity - Ping from Hub-VM to Spoke VMs and vice versa
Deployment of Virtual Network Gateway on Hub-VM
Generate certificates on an on-premises network machine
Install it on an on-premises machine
Upload Certificate on Azure portal during the creation of VPN
Connect on-premises machine to Azure through VPN
Ping between Azure Hub-VM and on-premises machine to test the connectivity

Step-1: Create resource group with the name Demo-RG and virtual network for hub and two spokes

Create a Hub Virtual Network “Hub-Vnet” and select East US as the location you can choose as your own.

Create a Virtual Network for Hub and Spokes

virtual networks for hub and spoke

Step-2: Create three Virtual Machines one for each virtual network:

Hub-VM for Hub-Vnet as Hub-VM
Spoke1-VM for Spoke1-Vnet
Spoke2-VM for Spoke2-Vnet

virtual machine

Step-3 Set the static IP of all three Virtual machines:

10.0.0.4 of Hub-VM
10.1.0.4 of Spoke1-VM
10.2.0.4 of Spoke2-VM

IP address setting in Hub-Virtual Machine

IP setting for hub VM

IP address setting in Spoke1-Virtual Machine

IP setting for Spoke1-VM

IP address setting in Spoke2-Virtual Machine

IP setting for spoke-2 VM

Step-4 Create peering between Hub and Spokes:

Hub-Vnet and Spoke1-Vnet
Hub-Vnet and Spoke2-Vnet

Peering between Hub and Spoke1

Peering between Hub and Spoke2

Step-5: Test the connectivity between Hub and Spoke VMs:

Ping Hub-VM to Spoke1-VM
Ping Hub-VM to Spoke2-VM
Ping Spoke1-VM to Hub-VM
Ping Spoke2-VM to Hub-VM

Ping from Hub VM to Spoke1 and Spoke2 VMs

Ping result Hub VM to Spoke1 and Spoke2 VMs

Ping result in Spoke1-VM to Hub-VM

Ping result in Spoke2-VM to Hub-VM

Step-6: Create a Virtual Network Gateway and associate it with Hub-Vnet

Virtual Network Gateway

Step-7: Connectivity between Hub and on-premises network

Install a VPN Client on an on-premises network machine and then connect it to your Azure account by using the command “Connect-AzAccount”
To make the connection secure and for authentication of on-premises machine generate Root and Client Certificates on an on-premises machine.

Root and Client Certificate

Step-8: Create a Point-to-site VPN as you can see in the image and upload the Root Certificate on the Azure portal

VPN and Root certificate in Azure portal

Step-9: Install the Client Certificate on your on-premises machine.

To connect the on-premises network machine with Azure hub, run VPN client software installed earlier on an on-premises machine and connect with the VPN on the Azure portal.

VPN Client software

Step-10: Verify the connectivity between on-premises network machine and Azure hub

Ping IP address of Hub-VM 10.0.0.4 from an on-premises machine

Ping result from on-premises machine

Understand the use of Hub and Spoke topology in Microsoft Azure to connect with on-premises network

Scenario:

Step-5: Test the connectivity between Hub and Spoke VMs:

Mastering IPSec Remote Access VPN - Your Ultimate Guide to Setting Up Remote Access VPN on Your Cisco IOS Router

Mastering the Art of Network Flexibility - A Deep Dive into VXLAN Technology

Understanding VLANs - Enhancing Network Efficiency and Security

Contact Form