Site-to-Site VPN between your infrastructure and Windows Azure – using Mikrotik

While doing my demos for Windows server 2012 readiness I wanted to show my attendees also virtual machines that you can run now on Windows Azure (www.windowsazure.com – here you can try virtual machines and other Azure features for 180 days!).

Okey, that’s not a problem you go to the virtual machines tab and create machine… But I wanted to connect my infrastructure with Azure so I will be able to experience real hybrid-cloud solution with some services in my datacenter and some servcies in Microsoft cloud

If you want to do that you need to create new network configuration in network tab on Azure portal.

This procedure is well documented on: http://msdn.microsoft.com/en-us/library/windowsazure/jj156210#bkmk_ConfigVPN

But at the end you can download configuration for Cisco or Juniper… From that configuration I “extracted” the important steps to configure it on Mikrotik 750.

On your Mikrotik you need to go to IP / IPsec menu and then:

– configure peers

after that you need to configure IPSec tunnel parameters:

In the fist line you define your local subnet that you have in your datacenter, below you eneter subnet that you defined in Azure network configuration…

And in Action tab of IPsec policy you define that you want to create tunnel and you need to define endpoint IP addresses again…

Connection established!!!

I started to ping from my Azure Virtual machine to AD server in my organization…

and as seen from Azure portal perspective:

It is easy to configure virtual machines on Windows Azure platform and also very easy to establish site-to-site VPN connection – and it works also with “lower” budged routers and not only by using Cisco or Juniper.

I encourage you to try Microsoft Azure – you can try it for 3 months

See ya next time! 🙂

Leave a Reply

You must be logged in to post a comment.