Greetings friends, if we remember the introduction to this series on how to create a Disaster Recovery plan with Veeam in Microsoft Azure, we had the following diagram:
In the diagram we can see how between the two locations we are using Veeam PN for connectivity, in this article today we will see the step-by-step steps to deploy and configure VeeamPN in both locations.
Deploy Veeam PN Network Hub to Microsoft Azure
Veeam Powered Network can be deployed directly from the Microsoft Azure Marketplace, making it very simple and convenient to use.
From the Microsoft Azure console, we will go to Create a resource and search for Veeam, among the results we can see Veeam PN for Microsoft Azure, we will select it:
At the time of deployment, we will have to enter certain information to continue, such as the name of the VM, the user and password for the Veeam PN management console, the subscription we want, at the resource group level, we will create a new one called veeampn and in Location I will select the location in which I want to deploy Virtual Machines, etc.
In the second step, we will have to select a valid and free domain name for this machine, and also configure the networking:
We will have to configure the storage account, in the same way as before, simply by selecting a new storage account. Once everything is ready we will click on ok.
We will select the encryption level for the key, I have selected 2048, as it is recommended in these cases:
In this fourth step, we will leave everything by default as it is the ports and VPN configuration:
Finally, in the summary, if everything is correct, we will click OK when the resource registration task is completed:
We will accept the terms of use, and finally click create:
We will see how the deployment task begins and see the resource in the Dashboard.
Personally I like the view of Virtual Machines better, if we click on our new VM, we will see details of the VM, including the public IP that will be useful very soon:
Configuring Veeam PN Network Hub
Now that we have already deployed the VM in Azure with Veeam PN inside, we will open by https the Veeam PN IP https://veeam-pn-ip
Once we enter the user name and password that we defined previously, we will be asked for a new password to access the Veeam PN Hub:
Select that this Veeam PN is of the Network Hub type and click Next:
Select the domain and the encryption level you want for the SSL certificate:
The process of creating the SSL certificate will begin:
And after a few seconds we will have everything ready, click OK:
In the initial configuration, we will select the public IP that this Veeam PN Network Hub has, in my case the public IP of the Azure VM, in addition I have enabled the two options, site-to-site VPN and point-to-site:
Once we have done this, we will have completed the initial configuration, Veeam will show us a link to download Veeam PN for the other location:
We have one more step to have all the configuration ready in the Veeam PN Hub, we will go to Overview – Add new client, or directly in the Clients tab:
Select the name you want and in Network Address add our internal Azure network:
In addition to this site, press the Add site button again, and select Standalone computer this time, this step is to create a VPN point-to-site from my VBR on-prem and Microsoft Azure:
We will select a descriptive name for ourselves:
And that would be it, press Finish, this will give us a VPN configuration that we can import later in the VBR that I have my datacenter:
We will have to keep this file and put it in the local VBR.
Install and configure OpenVPN on my on-prem VBR
Since we have our Veeam PN in Azure configured and ready, in our local VBR we will download OpenVPN from the official website, in my case I will use version 2.4.5
The installer is a simple next/next:
To add the profile that Veeam PN has given us, go to the OpenVPN icon, and select Import file:
Once the configuration file has been imported, click on Connect:
We will see something similar to this, and most importantly, we will see bytes in and bytes out: If we do a route print on this computer we will see that we have a new path to the Microsoft Azure network using the VPN gateway IP:
This step of configuring the VPN could also be site-to-site, so that my entire internal network is connected to Microsoft Azure, simply deploy a Veeam PN and configure it as a site gateway, I leave it to your liking.
I would like to leave you the list of articles that we will be seeing throughout the series:
- Backup and restore workloads to Microsoft Azure – Introduction
- Backup and restore workloads to Microsoft Azure – Connectivity between our Datacenter and Microsoft Azure
- Backup and restore workloads to Microsoft Azure – Deploy Veeam Backup & Replication in Microsoft Azure
- Backup and restore workloads to Microsoft Azure – Configuration in our Datacenter for backup to Microsoft Azure
- Backup and restore workloads to Microsoft Azure – Restoring Microsoft Azure, from Microsoft Azure
- Backup and restore workloads to Microsoft Azure – Migrate workloads from Microsoft Azure to our Datacenter
[…] Backup and restore workloads to Microsoft Azure – Connectivity between our Datacenter and Microsof… […]