Establishing Connection Between On-Premises Server To Azure VM Using Azure Site To Site VPN

In our previous article, we have learned how to configure Azure Site-to-Site VPN. Now, let us learn to connect our On-premises server to Azure Virtual Server using Routing and Remote Access.

 

Before this demo, check out my previous article about implementing Azure Site-to-Site VPN here.

 

 

In the Server Manager, click the “Add roles and features”.

 

 

 

In the Role section, we need to select “Remote Access” and then click "Next".

 

 

 

When we select Remote Access, we will get the pop-up, i.e., “Add features that are required for DirectAccess and VPN (RAS)”?, so click Add Features, and then click “Next”.

 

 

 

Under the Role Services, we have to select “DirectAccess and VPN (RAS) and Routing” and then click "Next".

 

 

 

In the Web Server Roles (IIS) part, we don’t want to select anything, so click Next, and then click "Install" to complete the Installation Wizard.

 

 

 

After installing the Remote Access, we will receive the notification to “Configure Remote Access”, so Click “Deploy VPN Only”.

 

 

 

Now we can find our Local Server (SL-VM) under the Routing and Remote Access. Now it’s disabled, so right click the local server, and then Click the “Configure and Enable Routing and Remote Access”.

 

 

 

In the Configuration wizard we need to select “Secure connection between two private networks”, and then click Next.

 

 

 

Now we need to setup demand-dial connection, so select “Yes”, and then click Next.

 

 

 

In the IP address assignment, if we have a  DHCP server we can select "Automatically," otherwise we need to assign the IP address manually. In this part we already assigned DHCP, so select “Automatically” and then click Next.

 

 

 

Click the Finish button to start the VPN Deployment.

 

 

 

After finishing the Routing and Remote access server setup wizard, the Demand-Dial Interface Wizard will automatically prompt, so click Next to start the deployment.

 

 

 

Now we need to assign our VPN Connection name. In this demo we can type “Azure VPN”, and then click Next.

 

 

 

In this part we need to select our connection type. We need to connect using VPN so select “Connect using Virtual Private Network (VPN)”, and then click Next.

 

 

 

Now we need to select the protocol, for Site to Site VPN we can select “IKEv2”, a VPN encryption protocol. So select “IKEv2” and then click Next.

 

 

 

Now we need to add our Azure IP Address because our server is running in Azure. So we need to add our Azure Gateway IP Address, so enter the Azure IP address and click Next.

 

 

 

In the transport and security part, we need to select “Route IP packets on this interface”, and then click Next.

 

 

 

In the Static Routers for Remote Networks, we need to add our Azure Private IP address range, so click “Add” and enter the Azure Private IP address range and click Ok.

 

 

 

In the Dial-Out Credentials information we don’t create any Username or Password, so leave it blank and click Next, and in the next wizard you can click the “Finish” button to close the wizard.

 

 

 

After successfully creating the VPN connection we need to configure the connection, so right click the AzureVPN Connection and then Click “Properties”.

 

 

 

In the Options Tab, we need to select the “Redial Attempts”, it’s under the Dialing Policy.

 

 

 

In the Security Tab, we need to select the type of VPN as IKEv2, and we need to add the “Preshared Key”. We have already created this key in Azure, so enter the key, and click Ok.

 

 

 

We have successfully configured the settings, and the status is disconnected, so right-click the AzureVPN and click "Connect".

 

 

 

Now, we can verify that our AzureVPN is successfully connected.

 

 

 

In this demo, we learned how to connect our On-Premises Server to Azure Server using Routing and Remote Access. We have already configured Site to Site VPN in Azure. If you have any clarification feel free to comment.