Azure: Moving from ASM to ARM with ASR (Part 3) - Network configuration

In this part we will go over 2 options on how to connect the ASM network to the ARM network.

Establishing network connectivity is needed as we want our source VMs to communicate with the process server!

VNET Peering

This feature is by far the most simple way to connect VNETs! With VNET Peering we can also connect ASM VNET to ARM VNET without the use of VNET gateway site to site VPN connections.

Today this feature is limited to connect VNETs if:

• they are in the same region (a VNET’s boundary is the region it was created in)
• subnets IP ranges don’t overlap
• for connecting ASM to ARM networks, VNETS must be in same subscription

We can peer networks in different subscriptions if:

• the privileged user must have rights in both subscriptions AND
• both subscriptions are connected to the same Azure Active Directory.

Create peering takes less than 5 minutes:

https://i1.wp.com/www.prof-its.be/wp/wp-content/uploads/2017/01/vnetpeeringsimple.png?resize=1024%2C432

and almost instantly:

https://i1.wp.com/www.prof-its.be/wp/wp-content/uploads/2017/01/vnetpeeringsimpleresult.png?resize=234%2C289

Site to Site VPN

The other option requires a little more configuration as we need to create a Site to Site VPN Connection between the 2 VNET gateways in different deployment models and that requires some PowerShell to make this work.

We will need to select this option if:

• We need to connect networks in different regions
• We need to connect to network in another subscription that is not linked to the same Azure AD

The whole process is already very nicely documented and we can find it here:

/en-us/azure/vpn-gateway/vpn-gateway-connect-different-deployment-models-portal

Overview

This article is part of a series, check for the overview here:  Azure: Moving form ASM to ARM with ASR (TOC)