For Microsoft Azure Network vnet to Vnet Connection

Connecting an azure virtual network (VNet) to another Azure virtual network is very similar to connecting a virtual network to a local site location. Both of these connection types use virtual network gateways to provide a secure tunnel through the ipsec/ike. Connected Vnets can be in different subscriptions and different regions. You can even use multi-site configurations to consolidate your vnet-to-vnet communications. This allows you to establish a network topology that combines cross-premises connectivity with virtual network connectivity, as shown in the following:

Two virtual networks can be in the same region and can no longer be in a different region.

Create two local networks, respectively

1.1LocalNorth where VPN DEVICE IP address is temporarily re-filled

Name:localnorth

VPN DEVICE IP address:1.1.1.1 (temporarily for this)

Starting ip:10.0.1.0

CIDR (ADDRESS COUNT):/24 (256)

1.2LocalEast where VPN DEVICE IP address is temporarily re-filled

Name:localeast

VPN DEVICE IP address:2.2.2.2

Starting ip:10.0.2.0

CIDR (ADDRESS COUNT):/24 (256)

Can be viewed in the local network

Create two Vnets

2.1 Name:vnettonorth

Location:china North

DNS Server directly skipped, using the DNS service provided by Microsoft

Tick Configure a site to site VPN

LOCAL Network Select Localeast

Starting ip:10.0.2.0 cidr:24

Subnets starting ip:10.0.2.0 cidr:25

Gateway: Auto-generated

2.2 Vneteast:vnettoeast

Location:china East

DNS Server directly skipped, using the DNS service provided by Microsoft

LOCAL Network Select Localnorth

Starting ip:10.0.1.0 cidr:24

Subnets starting ip:10.0.1.0 cidr:25

Gateway: Auto-generated

3. Create dynamic routes, respectively

It takes 15-20 minutes to create a time please wait patiently.

About VPN devices for virtual networks (updated: November 2014)
Http://msdn.microsoft.com/zh-cn/library/azure/jj156075.aspx

Simply speaking, static routing only supports site-to-site.

4. Set up Gateway (VPN gateway address) has changed shared key

Fill out the generated gateways separately

Vnettonorth Gateway completed to Localeast

Vnettoeast Gateway completed to Loacalnorth

Change directly using PowerShell

Windows powershellcopyright (C)2013Microsoft Corporation. All rights reserved.ps C:\WINDOWS\system32> Set-azurevnetgatewaykey-vnetname vnettonorth-localnetworksitename localeast-Sharedkey eHaLKmPeDlih9wYdLfatGy9f6GPDitzuError:HttpStatusCode:OKId:d3e5a879-a446-474a-ac16-4100ec3be396status:successfulstatuscode:okrequestid:3d664894c30942dd99adc2ae614a23a4ps C:\WINDO Ws\system32> Set-azurevnetgatewaykey-vnetname vnettoeast-localnetworksitename Localnorth-Sharedkey ehalkmpedlih9wydlfatgy9f6gpditzuerror:httpstatuscode:okid:4389d0a7-44ac-422a-b269-247fc4b36d27status:successfulstatuscode:okrequestid:89f79e00cfea4a48bac8eb448a5023ebps C:\WINDO Ws\system32>

Sharedkey cannot use Web pages for custom changes. Sharedkey values can be defined by themselves

Configure Vnet-to-vnet connection Update time: November 2014

Http://msdn.microsoft.com/zh-cn/library/azure/dn690122.aspx

To create a local network before creating a gateway, the demo is to create a local network and then create a gateway.

About the regional VNet and affinity groups for virtual networks (updated: November 2014)

Previously, when creating a virtual network (vnet), you were asked to associate a vnet with an affinity group, and the affinity group was associated with the zone. This requirement has changed. Now, in the management portal, the VNet will be directly associated with the zone (location). This makes you more free when you create a VNet. You can still associate a cloud service with an affinity group as needed, but this is not required.

The zone represents the location where the virtual network coverage is located. Any content that you deploy to the virtual network will be physically located in the zone. If you want to further specify that you want resources to be physically close to each other within the same region, you can specify an affinity group for those specific resources. This means that these resources are not only in the same physical location, but also close to each other within the data center.

Name resolution (Domain name resolution) (DNS) Update time: August 2014

Http://msdn.microsoft.com/zh-cn/library/azure/jj156088.aspx

Name resolution for your own DNS server is required only if there is a local network segment, and you can use the name resolution provided by Azure if no special conditions are used

For Microsoft Azure Network vnet to Vnet Connection