Connecting an Azure virtual network to another Azure virtual network is very similar to connecting a virtual network to an on-premises site location. Both connectivity types use a virtual network gateway to provide a secure tunnel using IPsec/IKE. The VNets you connect can be in different subscriptions and different regions. You can even combine VNet to VNet communication with multi-site configurations. This lets you establish network topologies that combine cross-premises connectivity with inter-virtual network connectivity, as shown in the diagram below:
What can I do with Vnet to Vnet connectivity ?
Cross region geo-redundancy and geo-presence
- You can set up your own geo-replication or synchronization with secure connectivity without going over internet-facing endpoints.
- With Azure Load Balancer and Microsoft or third party clustering technology, you can setup highly available workload with geo-redundancy across multiple Azure regions. One important example is to setup SQL Always On with Availability Groups spreading across multiple Azure regions.
Regional multi-tier applications with strong isolation boundary
- Within the same region, you can setup multi-tier applications with multiple virtual networks connected together with strong isolation and secure inter-tier communication.
Cross subscription, inter-organization communication in Azure
- If you have multiple Azure subscriptions, you can now connect workloads from different subscriptions together securely between virtual networks.
- For enterprises or service providers, it is now possible to enable cross organization communication with secure VPN technology within Azure.
If you’ve already created a design plan for your virtual network, the following how-to guidance will help you configure specific settings. Keep in mind that properly designing your virtual network to support your environment is critical. Many settings cannot be changed once your virtual network is in use. If you haven’t yet made design decisions regarding your virtual network, please see Virtual Network Overview.
- Configure a Cloud-Only Virtual Network in the Management Portal
- Configure a Site-to-Site VPN in the Management Portal
- Configure a Site-to-Site VPN using Windows Server 2012 Routing and Remote Access Service (RRAS)
- Configure a Point-to-Site VPN in the Management Portal
- Configure a Multi-Site VPN
- Configure VNet to VNet Connectivity
- Configure a Virtual Network Gateway in the Management Portal
- Change a Virtual Network Gateway Routing Type
- Create an Affinity Group in the Management Portal
- Configure a Virtual Network Using a Network Configuration File
- Export Virtual Network Settings to a Network Configuration File
- Import a Network Configuration File
- Deleting a Virtual Network
- View and Edit Virtual Network Properties
- Add or Remove DNS Servers for a Virtual Network
- Configure a Static Internal IP Address (DIP) for a VM
- Move a VM or Role Instance to a Different Subnet