Friday, October 8, 2021

On-premise to Azure routing with multiple regions

Diagram here: https://i.imgur.com/Wij2xc4.png

I have two VPN gateways in two regions, one in Asia and one in UK. Singapore and Shanghai offices both use S2S Route based VPN to connect to VPN Gateway in SouthEast Asia. Singapore and Shanghai offices can talk to each other via Azure gateway.

Same situation in South UK region for London and Amsterdam offices. Additionally, we have some VMs in Azure, based in South UK.

I would like to achieve two things:

  1. Make sure that Singapore and Shanghai offices can reach VMs in UK South region via Azure backbone. They could have a tunnel to UK South VPN Gateway, but I guess connecting to the closest Azure region and then using Azure networks to get to UK South should be better?
  2. Make sure that Singapore and Shanghai can talk to Amsterdam and London the same way. Each office should connect to the closest Azure region, and they should be able to talk to each other via Azure backbone.

How do I do this? When googling I keep finding instructions for vnet peering with gateway transit, but this does not seem to work when both VNETs have a VPN gateway. Should I do VNET-to-VNET VPN? Or S2S VPN between gateways? Do I need custom routes to make it work?

Thanks!


