Part 1: Architecture Overview
Scenario: Building a demo or proof of concept to understand the technology, Azure resources and configuration settings involved in Azure Virtual Networks, VNet peerings, Virtual Network Gateways and Site-to-Site VPN connections. The architecture emulates a hybrid cloud topology: the "on-premises" network is itself an Azure VNet, connected over a Site-to-Site VPN to an Azure hub and spoke network topology.

My Azure CLI script to build most of this network architecture can be found at https://github.com/RoyKimYYZ/azurehubandspokenetworkpoc/blob/main/create-hubandspokenetwork.azcli
The key driver for this demo is technical planning, design and implementation when you are building out or extending your Azure network design to include on-premises connectivity over a Site-to-Site VPN connection. It is suitable for small to medium sized organizations and can also serve as a starting point for large ones. It is also intended to give cloud networking novices foundational knowledge.
Architecture Overview
The high level architecture comprises the following:
- Hybrid connection between “On-Premises” and Azure Virtual Network using Site to Site VPN
- Azure Virtual Network Hub and Spoke Topology
- VNET, subnet and network peerings
- Network security considerations
These components facilitate the following capabilities and design goals:
- Hybrid cloud support
- Flexible networking topology to support multiple environments
- Adopt security best practices
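As an added example that is not the author's script (the linked script remains the reference build for this series), the following Azure CLI shell script shows the part of the topology the lists above gloss over: the hub VNet with its GatewaySubnet, two spoke VNets, and the two one-way peerings per spoke whose gateway-transit flags are what actually let spoke workloads reach the "on-premises" side through the hub's VPN gateway. The resource group, region, VNet names and address ranges are assumptions for the demo. Commands are printed rather than executed unless APPLY=1 is set in the environment, so the plan can be reviewed before anything is created.

```shell
#!/bin/sh
# Added example, not the author's script: emits (and optionally runs) the
# Azure CLI commands for a hub VNet with a GatewaySubnet, two spoke VNets,
# and the hub<->spoke peerings that let spokes use the hub's VPN gateway.
# All names, the region and the address ranges below are assumptions.

RG="rg-hubspoke-poc"             # assumed resource group
LOCATION="canadacentral"         # assumed region
HUB="vnet-hub"                   # assumed hub VNet name
HUB_PREFIX="10.0.0.0/16"
GW_SUBNET_PREFIX="10.0.255.0/27" # the subnet for the VPN gateway must be named GatewaySubnet

run() {
  # Print every command; execute it only when APPLY=1 (requires az login).
  echo "$*"
  if [ "${APPLY:-0}" = "1" ]; then "$@"; fi
}

create_hub() {
  run az network vnet create -g "$RG" -l "$LOCATION" -n "$HUB" \
    --address-prefixes "$HUB_PREFIX" \
    --subnet-name "snet-shared" --subnet-prefixes "10.0.1.0/24"
  # The virtual network gateway built in part 2 needs this exact subnet name.
  run az network vnet subnet create -g "$RG" --vnet-name "$HUB" \
    -n "GatewaySubnet" --address-prefixes "$GW_SUBNET_PREFIX"
}

create_spoke() {
  # $1 = spoke VNet name, $2 = VNet prefix, $3 = workload subnet prefix.
  # Prefixes must not overlap the hub, other spokes or the on-premises range,
  # otherwise peering and VPN route propagation will not work.
  run az network vnet create -g "$RG" -l "$LOCATION" -n "$1" \
    --address-prefixes "$2" --subnet-name "snet-workload" --subnet-prefixes "$3"
}

peer_hub_spoke() {
  # $1 = spoke VNet name. A peering is two one-way links; both must exist
  # before Azure reports the peering state as Connected.
  # Hub side: --allow-gateway-transit lets the spoke use the hub's gateway.
  run az network vnet peering create -g "$RG" -n "peer-${HUB}-to-$1" \
    --vnet-name "$HUB" --remote-vnet "$1" \
    --allow-vnet-access --allow-forwarded-traffic --allow-gateway-transit
  # Spoke side: --use-remote-gateways sends on-premises-bound traffic via the
  # hub. Azure rejects this flag until the hub's gateway actually exists.
  run az network vnet peering create -g "$RG" -n "peer-$1-to-${HUB}" \
    --vnet-name "$1" --remote-vnet "$HUB" \
    --allow-vnet-access --allow-forwarded-traffic --use-remote-gateways
}

build_topology() {
  run az group create -n "$RG" -l "$LOCATION"
  create_hub
  create_spoke "vnet-spoke-dev"  "10.1.0.0/16" "10.1.1.0/24"
  create_spoke "vnet-spoke-prod" "10.2.0.0/16" "10.2.1.0/24"
  peer_hub_spoke "vnet-spoke-dev"
  peer_hub_spoke "vnet-spoke-prod"
}

build_topology
```

Two caveats before running it for real: the spoke-side peering with --use-remote-gateways fails until the hub's virtual network gateway exists, so in a fresh build create the gateway (part 2) before that step or re-run the peering afterwards; and VNet peering is not transitive, so the two spokes cannot reach each other through the hub unless you add a direct spoke-to-spoke peering or route that traffic through a firewall or NVA in the hub, which is also where the network security considerations listed above are most naturally enforced.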
Part 2 covers the Site-to-Site VPN connection design.