Azure Virtual WAN Quickstart

Quickstart: Create a Virtual WAN and connect to Azure resources

This article guides you through the process of creating a Virtual WAN and connecting your on-premises network to Azure resources. Virtual WAN is a networking service that brings many networking, security, and routing functionalities together to provide a single operational interface.

Prerequisites

Before you begin, ensure you have the following:

An Azure subscription. If you don't have one, create a free account.
A virtual network (VNet) in Azure that you want to connect to the Virtual WAN.

Step 1: Create a Virtual WAN

Navigate to Virtual WAN

In the Azure portal, search for and select "Virtual WAN". Click "Create" to begin the creation process.

Configure Virtual WAN settings

On the "Basics" tab:

Subscription: Select your Azure subscription.
Resource group: Create a new one or select an existing one.
Name: Enter a name for your Virtual WAN (e.g., myVirtualWAN).
Region: Select a region for your Virtual WAN.
Type: Choose "Standard" for full Virtual WAN capabilities.

Click "Review + create" and then "Create".

Step 2: Create a Virtual Hub

A virtual hub is a Microsoft-managed virtual network that serves as the central point of your Virtual WAN. All connections are made to the virtual hub.

Navigate to your Virtual WAN

Once your Virtual WAN is deployed, navigate to its resource page. Click "Virtual hubs" in the left menu, then click "+ Create hub".

Configure Virtual Hub settings

On the "Basics" tab:

Region: This should match your Virtual WAN region.
Name: Enter a name for your hub (e.g., myHub).
Hub private address space: Specify a unique /24 CIDR block within the address space of your Virtual WAN (e.g., 10.1.0.0/24).
Capacity: Choose an appropriate capacity.

Click "Review + create" and then "Create".

Step 3: Connect your VNet to the Virtual Hub

Now, let's connect the Azure VNet you created earlier to the virtual hub.

Navigate to your Virtual Hub

Go to the virtual hub you just created. In the left menu, click "Virtual network connections" and then click "+ Add connection".

Configure VNet connection

Connection name: Give your connection a name (e.g., myVNetConnection).
Virtual networks: Select the VNet you want to connect.
Propagate to none: Usually set to "None".
Labels: Optional labels for routing.
Enable internet transit: If you want to route internet traffic from this VNet through the hub.
Enable branch to branch traffic: To allow communication between different branches connected to the hub.

Click "Add".

Step 4: Configure Site-to-Site VPN (Optional)

To connect your on-premises network, you'll typically use a VPN device or Azure VPN Gateway.

In your Virtual WAN, go to "Site-to-site VPNs" and click "+ Create site".
Configure your VPN device details, including its public IP address and connection keys.
Ensure your on-premises VPN device is configured to establish a tunnel to the Azure VPN gateway associated with your virtual hub.

Note: This quickstart focuses on the Azure portal setup. For on-premises configuration, refer to your VPN device documentation.

Next Steps

Congratulations! You have successfully created a Virtual WAN, a virtual hub, and connected an Azure VNet. You can now:

Configure routing within your Virtual WAN.
Set up a VPN gateway for site-to-site connectivity.
Deploy other Azure services and integrate them with your Virtual WAN.