Site to Site VPN between Alibaba Cloud and Microsoft Azure
Posted time: Dec 14, 2017 15:32 PM
This article shows you how to use the Azure portal to create a Site-to-Site VPN gateway connection, deploy a VPN gateway appliance from your Alibaba Cloud portal, and connect it to the VNet.
This guide will provide quick steps to configure Site-to-Site.
1. Create a virtual network
To create a VNet in the Resource Manager deployment model by using the Azure portal, follow the steps below.
2. Create the gateway subnet
3. Create the VPN gateway
4. Create the local network gateway
The local network gateway typically refers to your on-premises location, but here we are connecting to the Alibaba Cloud VPN gateway appliance. You give the site a name by which Azure can refer to it, then specify the IP address of the Alibaba Cloud VPN device to which you will create a connection.
5. Create the VPN connection
Create the Site-to-Site VPN connection between your virtual network gateway and your Alibaba Cloud VPN device.
Configuration of the Alibaba Cloud Portal
Log in to your Alibaba Cloud Portal and open another browser tab. Look for the Alibaba Cloud Marketplace.
Use the search box in the right-hand corner to find “FlexGW IPsec VPN on CentOS”.
Deploy the appliance as an instance in the default VPC.
Once deployed, reset the password and restart the VM.
Open your browser and go to https://publicip/, where publicip is the public IP of the instance.
Navigate to IPSEC VPN and click on create a tunnel.
Make sure the PSK (Shared Key) is the same on both sides.
Click on Save. It should start connecting to the Azure VPN gateway, and you should be able to see the status as below.
On Azure Portal:
To test it further, you can deploy a virtual machine on both sides and do a ping test.
I deployed an Ubuntu VM on Azure and on Alibaba.
The virtual machine on Azure with the below private IP:
Virtual Machine on Alibaba with its private IP:
Note: the catch is that, since we have deployed the VPN gateway as an instance on Alibaba Cloud, we have to make sure a “Route Entry” is added that uses the ECS instance to reach a particular CIDR.
And there you go:
Ping from Alibaba to Azure
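The shared-key and “Route Entry” requirements above can be checked before the ping test. The following is an added example, not part of the original post: the CIDRs, the instance ID `i-vpn-example`, the keys and the route-entry dictionary layout are all constructed for illustration and do not come from the Alibaba Cloud or Azure APIs.

```python
import hmac
import ipaddress

def preflight(azure_vnet, alibaba_vpc, route_entries, vpn_instance, psk_azure, psk_flexgw):
    """Return a list of problems in a planned Azure <-> Alibaba Cloud tunnel."""
    problems = []
    azure = ipaddress.ip_network(azure_vnet)
    vpc = ipaddress.ip_network(alibaba_vpc)

    # Both sides route on destination CIDR, so the address spaces must not overlap.
    if azure.overlaps(vpc):
        problems.append(f"address spaces overlap: {azure} and {vpc}")

    # The VPC needs a route entry that sends the Azure CIDR to the VPN instance.
    # Longest prefix wins, so only the most specific covering entry matters.
    covering = [r for r in route_entries
                if azure.subnet_of(ipaddress.ip_network(r["destination"]))]
    if not covering:
        problems.append(f"no route entry covers {azure}")
    else:
        best = max(covering, key=lambda r: ipaddress.ip_network(r["destination"]).prefixlen)
        if best["next_hop"] != vpn_instance:
            problems.append(f"{azure} is routed to {best['next_hop']}, not {vpn_instance}")

    # The PSK must match byte for byte; pasted whitespace is a common mismatch.
    a, b = psk_azure.encode(), psk_flexgw.encode()
    if not hmac.compare_digest(a, b):
        if hmac.compare_digest(a.strip(), b.strip()):
            problems.append("PSKs differ only by leading/trailing whitespace")
        else:
            problems.append("PSKs differ")
    return problems

# Constructed sample values, not taken from the article.
ROUTES = [
    {"destination": "0.0.0.0/0", "next_hop": "internet"},
    {"destination": "10.1.0.0/16", "next_hop": "i-vpn-example"},
]

if __name__ == "__main__":
    found = preflight("10.1.0.0/16", "172.16.0.0/16", ROUTES,
                      "i-vpn-example", "constructed-psk", "constructed-psk\n")
    for p in found or ["ok"]:
        print(p)
```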
Thank you for reading
Please comment if you have any query.
1st Reply#Posted time:Dec 15, 2017 10:37 AM
Removed... Replied on wrong post.