Azure VPN – Part 1/2

This new Azure-related blog post describes how to extend your on-premises network to the Azure datacenter. It explains how to create an Azure Virtual Network, create a VPN gateway, and connect it to your on-premises environment. In part 2 we expand this solution with Point-to-Site VPN, with Always ON – Azure VPN, allowing Modern Managed clients to connect via VPN to the Azure Virtual Network and, if required, to your on-premises network.


This picture shows the setup we are going to create in this blog.

The blog assumes you have basic knowledge about networking and how the Azure portal works. The region I usually work in is West Europe. Please adjust the region to your preferred Azure region.

Part 1: Site-to-Site VPN

  1. Create Azure VNET
  2. Create Azure Virtual Network Gateway
  3. Create Virtual Machine in Azure
  4. Create Site-2-Site between Azure and Sophos XG
    1. Configure Azure
    2. Configure Sophos XG
    3. Proof of the pudding

Coming Soon: Part 2: Azure VPN (Point-to-Site)


Azure NAT with Ubuntu Linux

Introduction

When creating a workplace for your users in Azure using RDS or Windows Virtual Desktop, you might recognize this issue: all servers in Azure use a dynamic outbound IP for browsing. When you need to access websites that require IP whitelisting, this can be an issue.

You can use multiple solutions for this problem:

  • Route your internet traffic back to on-prem via ExpressRoute or VPN
  • Use Azure Firewall, or a virtual firewall appliance (can be costly)
  • Use a self-built outbound NAT VM

This blog will explain how to build your own outbound NAT VM for your Azure virtual network. Although this is not enterprise-ready, it will work just fine. Determine production readiness for yourself.
