To allow communication between vNets in Azure we can set up peering connections. This is useful if there is a need to have different vNets for things like web apps and backend database zones.
To configure peering we will require two different vNets; both must be in the same Azure region.
Currently, when I try to ping a VM that is running in a different vNet, there is no communication.
Log on to Azure
Go to All services > Virtual networks
Once in Virtual networks, select the network that will be configured for peering
Once the network blade is open, go to Peerings > Add
Enter a Name and select the Subscription that the other vNet is in, then select the Virtual Network. Under Configuration select Enabled and, as the last step, tick Allow forwarded traffic
Below are some details on the three options:
Allow forwarded traffic: This setting allows the peer’s forwarded traffic (traffic not originating from inside the peer virtual network) into your virtual network.
Allow gateway transit: Allows the peer virtual network to use your virtual network gateway. The peer virtual network cannot already have a gateway configured, and must select ‘use remote gateway’ in its peering settings.
Use remote gateway: You will need to select this option if you wish to use your peer’s virtual network gateway. The peer virtual network must have a gateway configured, as well as ‘allow gateway transit’ enabled. Only one peering in this virtual network can have this enabled. You cannot use this setting if you already have a gateway configured in your virtual network.
Once all settings are confirmed, click OK to create the peering
To allow communication both ways, peering will also need to be set up on the App network.
Once both are enabled we can now see responses to ping requests
To lock down communication between the networks we can add NSGs to restrict what inbound and outbound traffic is allowed from the subnets.
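The same steps done with the Azure CLI instead of the portal, as an added example that is not part of the original post: both peering links with the options chosen above, followed by an NSG that locks the database subnet down to one port from the App vNet. The resource group, vNet, subnet and NSG names, the address prefix and the port are assumptions, and the script assumes both vNets sit in one resource group in the same region.

```shell
#!/usr/bin/env bash
# Added example, not from the original post. Resource names, the address
# prefix and port 1433 are assumptions; set AZ="echo az" for a dry run.
set -eu
AZ="${AZ:-az}"
RG="${RG:-rg-peering-demo}"             # assumed resource group, same region
APP_VNET="${APP_VNET:-vnet-app}"        # assumed web app vNet
DB_VNET="${DB_VNET:-vnet-db}"           # assumed backend database vNet
DB_SUBNET="${DB_SUBNET:-snet-db}"       # assumed subnet holding the DB VMs
APP_PREFIX="${APP_PREFIX:-10.1.0.0/16}" # assumed address space of vnet-app

# One peering link. The portal's "Configuration: Enabled" maps to
# --allow-vnet-access and the "Allow forwarded traffic" tick maps to
# --allow-forwarded-traffic.
peer_one_way() {
  local name="$1" local_vnet="$2" remote_vnet="$3"
  $AZ network vnet peering create --resource-group "$RG" --name "$name" \
    --vnet-name "$local_vnet" --remote-vnet "$remote_vnet" \
    --allow-vnet-access --allow-forwarded-traffic
}

# A peering is created on each side; the link only becomes Connected once
# both exist, which is why the post adds a second peering on the App network.
peer_both_ways() {
  peer_one_way "db-to-app" "$DB_VNET" "$APP_VNET"
  peer_one_way "app-to-db" "$APP_VNET" "$DB_VNET"
}

# Lock down the DB subnet once the peering works: allow only the database
# port from the App address space, then deny all other inbound vNet traffic.
# The deny rule sits below the default AllowVnetInBound rule (65000), which
# would otherwise admit everything from the peered vNet.
restrict_db_subnet() {
  local nsg="nsg-db"   # assumed NSG name
  $AZ network nsg create --resource-group "$RG" --name "$nsg"
  $AZ network nsg rule create --resource-group "$RG" --nsg-name "$nsg" \
    --name allow-db-from-app --priority 100 --direction Inbound --access Allow \
    --protocol Tcp --source-address-prefixes "$APP_PREFIX" \
    --destination-port-ranges 1433
  $AZ network nsg rule create --resource-group "$RG" --nsg-name "$nsg" \
    --name deny-other-vnet-inbound --priority 4000 --direction Inbound \
    --access Deny --protocol '*' --source-address-prefixes VirtualNetwork \
    --source-port-ranges '*' --destination-port-ranges '*'
  $AZ network vnet subnet update --resource-group "$RG" \
    --vnet-name "$DB_VNET" --name "$DB_SUBNET" --network-security-group "$nsg"
}
```

Source the file and call `peer_both_ways` and then `restrict_db_subnet`; with `AZ="echo az"` exported first, the commands are printed rather than run.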