Skip to content

Latest commit

 

History

History
38 lines (34 loc) · 2.86 KB

vpn-gateway-add-site-to-site-connection-portal-include.md

File metadata and controls

38 lines (34 loc) · 2.86 KB
author ms.service ms.topic ms.date ms.author
cherylmc
vpn-gateway
include
08/13/2024
cherylmc

  1. In the portal, go to the virtual network gateway and open it.

  2. On the page for the gateway, select Connections.

  3. At the top of the Connections page, select + Add to open the Create connection page.

    :::image type="content" source="./media/vpn-gateway-add-site-to-site-connection-portal-include/add-connection.png" alt-text="Screenshot that shows the Basics page." lightbox="./media/vpn-gateway-add-site-to-site-connection-portal-include/add-connection.png":::

  4. On the Create connection page, on the Basics tab, configure the values for your connection:

    • Under Project details, select the subscription and the resource group where your resources are located.

    • Under Instance details, configure the following settings:

      • Connection type: Select Site-to-site (IPSec).
      • Name: Name your connection.
      • Region: Select the region for this connection.

  5. Select the Settings tab and configure the following values:

    :::image type="content" source="./media/vpn-gateway-add-site-to-site-connection-portal-include/settings-page.png" alt-text="Screenshot that shows the Settings page." lightbox="./media/vpn-gateway-add-site-to-site-connection-portal-include/settings-page.png":::

    • Virtual network gateway: Select the virtual network gateway from the dropdown list.
    • Local network gateway: Select the local network gateway from the dropdown list.
    • Shared key: The value here must match the value that you're using for your local on-premises VPN device. If this field doesn't appear on your portal page, or you want to later update this key, you can do so once the connection object is created. Go to the connection object you created (example name: VNet1toSite1) and update the key on the Authentication page.
    • IKE Protocol: Select IKEv2.
    • Use Azure Private IP Address: Don't select.
    • Enable BGP: Don't select.
    • FastPath: Don't select.
    • IPsec/IKE policy: Select Default.
    • Use policy based traffic selector: Select Disable.
    • DPD timeout in seconds: Select 45.
    • Connection Mode: Select Default. This setting is used to specify which gateway can initiate the connection. For more information, see VPN Gateway settings - Connection modes.

  6. For NAT Rules Associations, leave both Ingress and Egress as 0 selected.

  7. Select Review + create to validate your connection settings.

  8. Select Create to create the connection.

  9. After the deployment is finished, you can view the connection on the Connections page of the virtual network gateway. The status changes from Unknown to Connecting and then to Succeeded.