Azure: Site to Site VPN to Sonicwall how-to | step by step
ฝัง
- เผยแพร่เมื่อ 15 ก.ค. 2024
- This is the first video in the series of creating a Hub and Spoke configuration with Azure VNETS and on premises environment.
this video shows the steps on how to setup the Vnet, Virtual Network Gateway and IKEv2 connection to a Sonicwall on prem environment.
this video will show you how to quickly set this up and using this as a building block for a more complex network configuration.
00:00 intro
00:46 Setup the Azure environment
02:46 Setup the Virtual Gateway subnet
03:00 Setup VM in Hub Subnet to be used as firewall in later videos
05:45 Setup Virtual Network Gateway
06:31 Setup VPN connection
09:07 Download configuration file for settings
09:50 Setup SonicWall VPN tunnel configuration
13:09 Setup Routing on Sonicwall for VPN traffic
15:16 Final Message
![[LIVE] ใครคุยเรื่องบอล "พ่องตาย" #คุยให้เด็กมันฟัง EP.43 (13/7/67)](http://i.ytimg.com/vi/8bHYL8RuBqs/mqdefault.jpg)
![[UNCUT] ลูกหมี-ลิลลี่ เหงียน เปิดใจฟาด ปู มัณฑนา I คนดังนั่งเคลียร์ I 15 ก.ค.67](http://i.ytimg.com/vi/FKQ60Y7bJ6s/mqdefault.jpg)
Great video. thank you for putting this together
Glad you enjoyed it!
Thank you very much for this. Very well made and easy to follow :)
Thank you Ramez I am very glad you found it useful.
Glad to hear and thanks for the comment
Awesome. Still works today despite Azure and Sonicwall's interfaces having changed.
thank you! and thanks for watching. I uploaded a new video with the Sonicwall OS 7. much easier now
Thank you very much. I have done the job.
Glad it was helpful!
Thank you Freddy. I followed the video and I was able to connect my local network to the Azure VM and using the S2S Azure-Sonicwall. Just a note, I use a Sonicwall TZ300 and the last step about using the routing entry, did not work for me, but with the VPN alone it got connected. The part where you mention to select the interface FMD.....etc, was not there. The only ones that showed up for me were X0, X1, W0 and Create VPN Tunnel Interface. However when I tried to create the VPN Tunnel Interface, the appliance told me I already had one setup. That's when I stopped and found out that without that extra step it was working already. But I like your video very much. I still have a great deal to learn Azure stuff. Thank you again!
thank you Gabriel, i will double check this.
Did you get it to work? We can add a section for the tz300 with the adjustments
@@freddydubon4619 Yes I did. Thank you for the follow up.
Wouldn't it have been better to set aes256 as the IPsec encryption algorithm over 3DES, since aes256 is what was specified in the configuration file? AES256 is a more secure and modern encryption standard compared to 3DES.
This video has otherwise been very useful. Thank you.
Freddy thanks for this video it did help me allot. Question how to you work the DNS if I am planning to eliminate my premise Domain service
Hi @soulcracker, you would have to implement Azure Private Zones and you can do conditional access for DNS from your onprem DNS servers for anything that lives in Azure and you can use Azure Public Zones for anything else the public Zones will allow you to resolve things like customer.com... I hope this helps
I followed your post. Very well done. The VPN and Route is up and working in my Sonicwall, however, I can't seem to be able to ping / connect to my on-prem subnet from my VM in Azure. I can ping the firewall that is on-prem and tunnel is up. Thoughts? NSG is wide open for the VM
I think it is a route in your VNET subnet that does not know about your onprem systems. you would have to create a user defined route and add the route to your onprem system and assign it to your VNET/subnet this is a commom problem when the route is not being propagated in Azure.
Great video.. I couldn't get my TZ470 connected. Not sure why. I'm going to spend more time on it later. The SonicOS 7.0 looks quite different. Would be cool to see an updated version. I will say the instructions on Sonicwall's site are not good at all.
I don't have a tz470 but we can work on it together and record it, if you are up to it
Great video- I'm having issues getting my TZ470 connected. I've tried everything, any chance you can help me?
Hi LadyLikeSnail, yes I can totally help out, let me know where you are getting stuck.
Thank you Freddy, I got the green connection light however my ping to a vm using the virtual network gateway is timing out. This is going to be used for a primary dc connecting to an on prem dc
is it possible to discuss this off of youtube comments?
any help would be greatly appreciated Freddy!
@@ladylikesnail5280 Sure, send me a message on instagram freddy1dubon
I don't seem to get a green dot connection. can you please help me.
Of course, DM me on Twitter @freddydubon and we can chat. I'll be happy to help you
Whilst this video is great - Do you have any content in which you setup a Sonicwall NSV INSIDE Azure and have that as the IPSec Headend for remote site VPNs to connect INTO ? All of the content I've found is for connecting Sonicwall TO Azure when Sonicwall have an NVA which can exist as a VM INSIDE Azure already - I want to create a VPN in Azure which is fronted by the Sonicwall NSv and connect my remote sites to it. Is this possible ?
@jakezxz1352, yes this is possible and I have done it with other firewall solutions such as PA, however sonicwall should be the same. what confuses alot of people is the internal/external ip configuration in a cloud environment. I will work ona video on this. thanks for watching