Microsoft Docs

Azure Virtual WAN Quickstart

This guide walks you through the essential steps to get started with Azure Virtual WAN, enabling you to connect your on-premises networks and remote users to Azure securely and efficiently.

Prerequisites

Step 1: Create a Virtual WAN resource

Navigate to the Azure portal and search for "Virtual WAN". Create a new Virtual WAN resource. You'll need to provide a resource group, region, and a name for your Virtual WAN.

Key Fields:

  • Resource group: Choose an existing or create a new one.
  • Region: Select the region where you want to deploy your Virtual WAN.
  • Name: A unique name for your Virtual WAN resource.
  • Type: Choose 'Standard' for full features.
Create Virtual WAN

Step 2: Create a Virtual Hub

A Virtual Hub is a private cloud network within your Virtual WAN. It acts as a central point of connectivity.

Actions:

  1. In your Virtual WAN resource, select "Hubs" and click "+ Create hub".
  2. Specify the Resource group and Region (should match your Virtual WAN).
  3. Provide a Hub name.
  4. Select the Hub private address space (e.g., 10.0.0.0/24).
  5. Optionally configure VPN gateways, ExpressRoute gateways, and Firewall. For this quickstart, we'll focus on basic connectivity.
Create Virtual Hub

Step 3: Connect your Site

Now, let's connect your on-premises network (represented as a "site") to your Virtual Hub. This typically involves configuring a VPN device at your site.

To configure this, you'll typically need:

  • An IPsec/IKE compatible VPN device.
  • The public IP address of your VPN device.
  • A pre-shared key for authentication.

Actions in Azure:

  1. Navigate to your Virtual Hub.
  2. Select "Site-to-site VPN" under "VPN (Virtual network gateway)".
  3. Click "+ Add site".
  4. Enter a Site name.
  5. Select the Device vendor and Device model.
  6. Enter the IP address of your on-premises VPN device.
  7. Provide the Address space(s) of your on-premises network.
  8. Click "Create". This will generate the necessary connection configuration details for your on-premises VPN device.
Add Site

Step 4: Configure your On-Premises VPN Device

Using the information generated in the Azure portal (e.g., Azure VPN Gateway public IP, pre-shared key, IKE/IPsec parameters), configure your on-premises VPN device to establish a tunnel to the Virtual Hub.

This step is specific to your hardware vendor. Refer to your VPN device's documentation for detailed instructions.

Step 5: Verify Connectivity

Once the VPN tunnel is established, verify that you can reach resources in your Azure Virtual Network from your on-premises network and vice-versa.

Verification steps:

  • Check the VPN connection status in the Azure portal (under your Virtual Hub's site-to-site VPN).
  • Perform ping or trace route tests from a virtual machine in Azure to a server on-premises, and from an on-premises machine to a VM in Azure.

Congratulations! You have successfully set up a basic Azure Virtual WAN connection.

Next: Explore Azure Virtual WAN Features