Windows Azure Virtual Network with between regions
Japan Windows Azure User Group
Kentaro Aoki
@kekekekenta
October 24, 2013
Virtual Networks
[Diagram labels]
• Windows Azure East Asia, Windows Azure West US
• vn-asia-gw.cloudapp.net (207.46.134.21), vn-us-gw.cloudapp.net (168.61.66.238)
• vn-asia (10.20.0.0/16), vn-us (10.10.0.0/16)
• vn-asia-vm: Ubuntu VM, 10.20.0.5
• vn-asia-gw: Ubuntu VPN GW, 10.20.0.4
• vn-us-gw: Ubuntu VPN GW, 10.10.0.4
• vn-us-vm: Ubuntu VM, 10.10.0.5
• GATEWAY (static routing): 207.46.137.55
• GATEWAY (static routing): 168.61.64.182
• internet

Using Network Address Translation
[Diagram labels]
• Windows Azure East Asia, Windows Azure West US
• vn-asia-gw.cloudapp.net (207.46.134.21), vn-us-gw.cloudapp.net (168.61.66.238)
• vn-asia (10.20.0.0/16), vn-us (10.10.0.0/16)
• vn-asia-vm: Ubuntu VM, 10.20.0.5
• vn-asia-gw: Ubuntu VPN GW, NAT (Masquerading), 10.20.0.4
• vn-us-gw: Ubuntu VPN GW, 10.10.0.4
• vn-us-vm: Ubuntu VM, 10.10.0.5
• NAT (Masquerading)
• GATEWAY (static routing): 207.46.137.55
• GATEWAY (static routing): 168.61.64.182
• internet

Virtual Network Settings
[Figure: panels labelled Windows Azure East Asia and Windows Azure West US]

VPN Configurations for the vn-asia-gw (1)
• Create New Virtual Machine from Azure Portal
– Ubuntu Server 12.04 LTS

• Install IP-Sec Software on Ubuntu
– $ sudo apt-get install openswan

• Setup IP-Sec Nat-Traversal
– $ sudo vi /etc/ipsec.conf
    config setup
        protostack=netkey
        nat_traversal=yes
        virtual_private=%v4:10.20.0.0/16
        oe=off
    include /etc/ipsec.d/*.conf

VPN Configurations for the vn-asia-gw (2)
• Setup VPN Information
– $ sudo vi /etc/ipsec.d/azure-us.conf
    conn azure-us
        authby=secret
        auto=start
        type=tunnel
        left=10.20.0.4
        leftsubnet=10.20.0.0/16
        leftnexthop=%defaultroute
        right=168.61.64.182
        rightsubnet=10.10.0.0/16
        ike=aes128-sha1-modp1024
        esp=aes128-sha1
        pfs=no

VPN Configurations for the vn-asia-gw (3)
• Setup Secret Key
– $ sudo vi /etc/ipsec.secrets
    10.20.0.4 168.61.64.182 : PSK "krOurXxXX6…XXX"

• Enable ipv4 forwarding
– $ sudo vi /etc/sysctl.conf
    net.ipv4.ip_forward=1
– $ sudo sysctl -p /etc/sysctl.conf

• Enable IP-Sec
– $ sudo service ipsec restart

VPN Configurations for the vn-asia-gw (4)
• Setup Firewall for SSH
– $ sudo ufw allow proto tcp to any port 22

• Setup Firewall for IP-Sec NAT Traversal
– $ sudo ufw allow proto udp to any port 500
– $ sudo ufw allow proto udp to any port 4500

• Enable ipv4 forwarding for NAT
– $ sudo vi /etc/default/ufw
    DEFAULT_FORWARD_POLICY="ACCEPT"

VPN Configurations for the vn-asia-gw (5)
• Setup NAT Rule
– $ sudo vi /etc/ufw/before.rules (add the following rules to the top)
    # nat Table rules
    *nat
    :POSTROUTING ACCEPT [0:0]
    # Forward traffic from eth1 through eth0.
    -A POSTROUTING -s 10.10.0.0/16 -o eth0 -j MASQUERADE

    # don't delete the 'COMMIT' line or these nat table rules won't be processed
    COMMIT

VPN Configurations for the vn-asia-gw (6)
• Enable ufw (aka iptables)
– $ sudo ufw disable && sudo ufw enable

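The configuration slides above edit several files that have to agree with each other: the conn file, ipsec.secrets and the ufw NAT rule. The script below is an added example, not part of the original deck; it checks constructed copies of those files for mismatched endpoints, a PSK file readable by group or others, and the dated proposal settings (modp1024, SHA-1, pfs=no). The function names, sample file contents, PSK placeholder and the choice of what to flag are assumptions of this example, and stronger proposals only work if the peer gateway accepts them.

```shell
#!/bin/sh
# Added example (not from the slides). Sample files are constructed from the
# slide values; the PSK is a placeholder.

# make_samples DIR: write constructed copies of the three edited files.
make_samples() {
    cat > "$1/azure-us.conf" <<'EOF'
conn azure-us
    authby=secret
    auto=start
    type=tunnel
    left=10.20.0.4
    leftsubnet=10.20.0.0/16
    leftnexthop=%defaultroute
    right=168.61.64.182
    rightsubnet=10.10.0.0/16
    ike=aes128-sha1-modp1024
    esp=aes128-sha1
    pfs=no
EOF
    cat > "$1/ipsec.secrets" <<'EOF'
10.20.0.4 168.61.64.182 : PSK "PLACEHOLDER-NOT-A-REAL-KEY"
EOF
    cat > "$1/before.rules" <<'EOF'
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 10.10.0.0/16 -o eth0 -j MASQUERADE
COMMIT
EOF
    chmod 644 "$1/ipsec.secrets"   # deliberately too open, to exercise the check
}

# conn_get FILE KEY: print the value of the first "KEY=value" line.
conn_get() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" | head -n 1
}

# re_escape STRING: escape dots so an address matches literally in grep -E.
re_escape() { printf '%s' "$1" | sed 's/\./\\./g'; }

# audit_crypto CONN: one finding per line for dated proposal settings.
audit_crypto() {
    ike=$(conn_get "$1" ike); esp=$(conn_get "$1" esp); pfs=$(conn_get "$1" pfs)
    case "$ike" in *modp1024*) echo "ike: modp1024 is a 1024-bit DH group" ;; esac
    case "$ike $esp" in *sha1*) echo "ike/esp: SHA-1 is used for integrity" ;; esac
    if [ "$pfs" = "no" ]; then
        echo "pfs: off, phase 2 keys come from phase 1 keying material"
    fi
    return 0
}

# check_consistency CONN SECRETS RULES: findings where the files disagree.
check_consistency() {
    left=$(re_escape "$(conn_get "$1" left)")
    right=$(re_escape "$(conn_get "$1" right)")
    rsub=$(re_escape "$(conn_get "$1" rightsubnet)")
    # ipsec.secrets must hold a PSK line indexed by the same two endpoints.
    grep -Eq "^[[:space:]]*${left}[[:space:]]+${right}[[:space:]]*:[[:space:]]*PSK" "$2" ||
        echo "secrets: no PSK entry indexed by the conn's left and right"
    # The MASQUERADE rule's source must be the conn's remote subnet.
    grep -Eq -- "^-A POSTROUTING .*-s ${rsub} .*-j MASQUERADE" "$3" ||
        echo "nat: no MASQUERADE rule whose source is the conn's rightsubnet"
    # A PSK file readable by group or others exposes the tunnel key.
    [ -z "$(find "$2" \( -perm -040 -o -perm -004 \))" ] ||
        echo "secrets: file is readable by group or others"
    return 0
}

demo=$(mktemp -d)
make_samples "$demo"
audit_crypto "$demo/azure-us.conf"
check_consistency "$demo/azure-us.conf" "$demo/ipsec.secrets" "$demo/before.rules"
```

On a gateway, point the functions at /etc/ipsec.d/azure-us.conf, /etc/ipsec.secrets and /etc/ufw/before.rules instead of the sample directory.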
Ping through the VPN tunnel
[Figure: panels labelled Windows Azure East Asia and Windows Azure West US]

Articles
• VPN connection in the region between the Windows Azure
– http://kentablog.cluscore.com/2013/10/windows-azurevpn.html

• Research ed.
– http://kentablog.cluscore.com/2013/10/creating-site-to-sitevpn-with-regions.html
