Last Update: Sep 04, 2024 | Published: Dec 14, 2016
In today’s Ask the Admin, I’ll show you how to connect two Azure virtual networks using Virtual Network Peering and PowerShell.
Virtual Network (VNet) Peering provides an easy way to connect two virtual networks in the same region. Once two VNets are connected, they work as one but are still managed separately. It’s even possible to peer two VNets in different Azure subscriptions, although that’s a little more complicated than what I’ll show you today. The main requirements for peering two VNets are:
For more information on Virtual Network Peering and how to peer networks using the Azure Management Portal, see Connect Two Azure Resource Manager Virtual Networks Using VNet Peering on the Petri IT Knowledgebase.
Before following the instructions below, make sure you have the latest version of Microsoft Azure PowerShell installed on your PC. You can download the latest release using the Web Platform Installer.
First, you’ll need to log in to your Azure subscription using the Login-AzureRmAccount cmdlet. Open a PowerShell prompt and run the command below:
Login-AzureRmAccount
If you’ve got more than one subscription associated with your Microsoft account, select one of them using the Select-AzureRmSubscription cmdlet. To see the available subscriptions, run Get-AzureRmSubscription. I’m selecting a subscription called ‘Pay-As-You-Go’ using the command below:
Get-AzureRmSubscription
Select-AzureRmSubscription -SubscriptionName Pay-As-You-Go
We need to create a Resource Group (RG) in which to place the virtual networks. In this example, I’m using the West US region and the RG is called Lab1.
New-AzureRmResourceGroup -Name Lab1 -Location WestUS
The first virtual network (VNet1) will have an address space of 10.1.0.0/16 and one subnet (Sub1): 10.1.1.0/24. The New-AzureRmVirtualNetwork cmdlet creates the new virtual network with the specified address space. Add-AzureRmVirtualNetworkSubnetConfig is used to define a subnet configuration for the virtual network, and then Set-AzureRmVirtualNetwork is used to apply the subnet configuration to the virtual network.
$vnet = New-AzureRmVirtualNetwork -ResourceGroupName Lab1 -Name VNet1 -AddressPrefix 10.1.0.0/16 -Location WestUS
Add-AzureRmVirtualNetworkSubnetConfig -Name Sub1 -VirtualNetwork $vnet -AddressPrefix 10.1.1.0/24
Set-AzureRmVirtualNetwork -VirtualNetwork $vnet
We’ll just change a few details to create the second virtual network, specifying a different address space (10.2.0.0/16):
$vnet = New-AzureRmVirtualNetwork -ResourceGroupName Lab1 -Name VNet2 -AddressPrefix 10.2.0.0/16 -Location WestUS
Add-AzureRmVirtualNetworkSubnetConfig -Name Sub1 -VirtualNetwork $vnet -AddressPrefix 10.2.1.0/24
Set-AzureRmVirtualNetwork -VirtualNetwork $vnet
Now that we have two virtual networks in place, all we need to do is create an object for each virtual network, and use the Add-AzureRmVirtualNetworkPeering cmdlet to create a link from VNet1 to VNet2 (LinkToVNet2), and vice versa from VNet2 to VNet1 (LinkToVNet1).
$vnet1 = Get-AzureRmVirtualNetwork -ResourceGroupName Lab1 -Name VNet1
$vnet2 = Get-AzureRmVirtualNetwork -ResourceGroupName Lab1 -Name VNet2
Add-AzureRmVirtualNetworkPeering -Name LinkToVNet2 -VirtualNetwork $vnet1 -RemoteVirtualNetworkId $vnet2.Id
Add-AzureRmVirtualNetworkPeering -Name LinkToVNet1 -VirtualNetwork $vnet2 -RemoteVirtualNetworkId $vnet1.Id
To change the link options, use Set-AzureRmVirtualNetworkPeering as shown below. Here, I’ll allow forwarded traffic on LinkToVNet2:
$LinktoVNet2 = Get-AzureRmVirtualNetworkPeering -VirtualNetworkName VNet1 -ResourceGroupName Lab1 -Name LinkToVNet2
$LinktoVNet2.AllowForwardedTraffic = $true
Set-AzureRmVirtualNetworkPeering -VirtualNetworkPeering $LinktoVNet2
You can retrieve information about a link at any time using the Get-AzureRmVirtualNetworkPeering cmdlet:
Get-AzureRmVirtualNetworkPeering -VirtualNetworkName VNet1 -ResourceGroupName Lab1 -Name LinkToVNet2
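The output of that cmdlet is also where you check whether a link is actually up and which options widen what it lets through, such as the AllowForwardedTraffic setting enabled above. The following is an added example, not part of the original article: Get-PeeringFinding is a hypothetical helper name, and the sample objects are constructed so the script runs without an Azure connection.

```powershell
# Added example: flag peering links that are not connected or that have
# permissive options enabled. Property names match the objects returned by
# Get-AzureRmVirtualNetworkPeering; the function name is hypothetical.
function Get-PeeringFinding {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory, ValueFromPipeline)]
        [object]$Peering
    )
    process {
        $issues = @()
        if ($Peering.PeeringState -ne 'Connected') {
            $issues += "state is '$($Peering.PeeringState)'; the reverse link may be missing or removed"
        }
        if ($Peering.AllowForwardedTraffic) {
            $issues += 'accepts forwarded traffic that did not originate in the peer VNet'
        }
        if ($Peering.AllowGatewayTransit) {
            $issues += 'lets the peer VNet use the gateway in this VNet'
        }
        if ($Peering.UseRemoteGateways) {
            $issues += 'routes through the gateway in the peer VNet'
        }
        [pscustomobject]@{
            Name   = $Peering.Name
            Review = ($issues.Count -gt 0)
            Issues = ($issues -join '; ')
        }
    }
}

# Constructed sample objects standing in for real cmdlet output.
$sample = @(
    [pscustomobject]@{ Name = 'LinkToVNet2'; PeeringState = 'Connected'
        AllowForwardedTraffic = $true;  AllowGatewayTransit = $false; UseRemoteGateways = $false }
    [pscustomobject]@{ Name = 'LinkToVNet1'; PeeringState = 'Connected'
        AllowForwardedTraffic = $false; AllowGatewayTransit = $false; UseRemoteGateways = $false }
    [pscustomobject]@{ Name = 'ExampleLink'; PeeringState = 'Disconnected'
        AllowForwardedTraffic = $false; AllowGatewayTransit = $false; UseRemoteGateways = $false }
)
$sample | Get-PeeringFinding | Format-Table -AutoSize -Wrap

# Against a live subscription, omit -Name to list every link on the VNet:
# Get-AzureRmVirtualNetworkPeering -VirtualNetworkName VNet1 -ResourceGroupName Lab1 | Get-PeeringFinding
```

Run the live form once per VNet, since each side of a peering is a separate link with its own options.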
Finally, if you want to remove the links, use the Remove-AzureRmVirtualNetworkPeering cmdlet. Microsoft recommends removing both links that join virtual networks before creating new ones.
Remove-AzureRmVirtualNetworkPeering -ResourceGroupName Lab1 -VirtualNetworkName VNet1 -Name LinkToVNet2
Remove-AzureRmVirtualNetworkPeering -ResourceGroupName Lab1 -VirtualNetworkName VNet2 -Name LinkToVNet1