Route ip specific traffic to AWS from Azure through OpenVPN
I am not a DevOps person but am trying out something on my own. I have provisioned a few resources in Azure and AWS and want to make a connection between them through a VPN. As an example, I have a web app in Azure and a DB in AWS. I want to make the app connect to the DB without any problem. I did the things below.
- AWS is already being accessed through a VPN (OpenVPN), so the VPN server is already set up in AWS and working.
- I created a VM (in a VNET) in Azure and installed the OpenVPN client there. I loaded the AWS VPN config into the Azure VM. Now I can make calls to AWS from the Azure VM through the VPN.
- I created a route table to hop AWS traffic through the Azure VM (VPN).
Now the problem is that my web app is in Azure (App Service) but is not in any Virtual Network. The traffic is not flowing through the VPN and I can't access the AWS DB from anywhere except the Azure VM (VPN).
Am I missing anything here? Some basic questions are:
1) Is it mandatory to have all resources in the same VNET/subnet as the Azure VM (VPN) to be able to access AWS?
2) Is it mandatory to have resources in any VNET/subnet to be able to use the VPN?
3) Should the route table be linked to the subnets of the resources which want to access the VPN?
Any pointer would be really helpful for me.
amazon-web-services vpn azure-virtual-network subnet openvpn
asked Nov 11 at 17:06
Venky
1 Answer
You are correct.
It is mandatory to have VMs in a VNET, so you will be in control of routing IP packets across the internet, locally, and from external connections.
Here is complete documentation on how to enable peering between two clouds:
https://www.microsoft.com/developerblog/2015/08/30/connecting-an-aws-vpc-to-azure-vnet-via-resource-manager/
Instead of Openswan, you can replace the configuration with OpenVPN.
Hope it helps.
answered Nov 11 at 19:39
Kannaiyan
Thanks. But I am not using an AWS VPC and an Azure VNET Gateway. I am trying to route through a VPN client installed in a VM. How does this work for App Services, Function Apps and Azure PaaS offerings? Do all these have to be in a VNET?
– Venky
Nov 12 at 9:55
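The routing question raised in this thread can be worked through with a simplified model of Azure next-hop selection. This is an added example, not code from the question or the answer. The address ranges, subnet names and the `next_hop` function are assumptions constructed for illustration. It shows that a route table only affects subnets it is associated with, that a resource outside any VNET never sees it, and that the VPN VM must have IP forwarding enabled on its NIC.

```python
import ipaddress
from dataclasses import dataclass, field

# Constructed address plan (assumptions, not values from the thread).
VNET_SPACE = "10.1.0.0/16"
AWS_DB_IP = "172.31.5.20"      # private address of the AWS database
VPN_VM_IP = "10.1.0.4"         # Azure VM running the OpenVPN client

# Simplified Azure system routes: VNET-local, Internet default, and
# RFC 1918 ranges outside the VNET address space, which are dropped.
SYSTEM_ROUTES = [(VNET_SPACE, "VnetLocal"), ("0.0.0.0/0", "Internet"),
                 ("10.0.0.0/8", "None"), ("172.16.0.0/12", "None"),
                 ("192.168.0.0/16", "None")]

@dataclass
class Subnet:
    name: str
    udr: list = field(default_factory=list)  # routes of the associated route table

def next_hop(subnet, dest_ip, vm_ip_forwarding=True):
    """Next hop for traffic leaving `subnet` (None = resource outside any VNET)."""
    if subnet is None:
        # No VNET, so no route table can apply; egress uses the platform's public path.
        return "Internet"
    dest = ipaddress.ip_address(dest_ip)
    candidates = []
    for source_rank, routes in ((1, subnet.udr), (0, SYSTEM_ROUTES)):
        for prefix, hop in routes:
            net = ipaddress.ip_network(prefix)
            if dest in net:
                # Longest prefix wins; on a tie the user-defined route wins.
                candidates.append((net.prefixlen, source_rank, hop))
    hop = max(candidates)[2]
    if hop == VPN_VM_IP and not vm_ip_forwarding:
        return "None"  # the VM NIC discards packets not addressed to itself
    return hop

# Route table entry that sends AWS-bound traffic to the VPN VM.
AWS_ROUTE = [("172.31.0.0/16", VPN_VM_IP)]
app_subnet = Subnet("app-integration", udr=AWS_ROUTE)  # route table associated
other_subnet = Subnet("no-route-table")                # same VNET, no association

if __name__ == "__main__":
    for label, src in (("associated subnet", app_subnet),
                       ("unassociated subnet", other_subnet),
                       ("outside any VNET", None)):
        print(f"{label:20} -> {next_hop(src, AWS_DB_IP)}")
```

On the VPN VM itself, the operating system also has to forward packets between the VNET interface and the tunnel interface; the model covers only the Azure side of the path.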