1. Overview of Virtual WAN
So let’s take a look at the Azure Virtual WAN. WAN stands for Wide Area Network, and it’s an old term from the early days of office connectivity. The Virtual WAN is basically a device that allows you to do a lot of the things we’ve been talking about in terms of hybrid connectivity and cross-VNet connectivity in one device. Look at that. So here’s a really useful network diagram. In it, we can see that we have two virtual WANs that are connected to each other, but they’re also connected to ExpressRoutes, site-to-site VPNs, a point-to-site VPN, and they’re also serving as VNet connectivity.
Now, this is a hub-and-spoke model, in fact, two hub-and-spoke models that are connected together. So you’ve got multiple networks on site and, right, you’re trying to connect A and B, and then A and D, and then B and C, and things get pretty complicated. So by having a virtual network hub, or a Virtual WAN hub, in this case, you have that central point where basically all of your different networks, both on premises and on Azure, can connect to the same thing. So instead of trying to connect two virtual networks together, they’re all connected into a hub. The Virtual WAN itself is just a container for other things. The real power here comes when we create a hub. So a hub is like a virtual network that can contain gateways.
And this is where this virtual network is going to contain a gateway. And that could be site-to-site, ExpressRoute, or point-to-site. So I’m going to say create a virtual hub. Put this in West US, give it a name, Virtual Hub one. And again, this is like a virtual network. It needs to have its own address space, and so I can say 10.20.0. Creating a hub with a gateway will take 30 minutes. Now, again, this virtual hub is a virtual network. And then on there, you’re going to basically enable either site-to-site, point-to-site, ExpressRoute, or all three, depending on what you know you’re going to need. Each 500 megabits per second has a cost associated with it.
Remember, it was like $0.25 an hour for the device and $0.36 an hour for the one scale unit. And routing preference is basically about how traffic travels before it gets to this device. This is a site-to-site VPN. Do you want this to travel over the Microsoft internal network as much as it can before it has to egress onto the Internet to get to your device? Or do you want it to egress as quickly as possible and travel over the open Internet for the rest of the way? So the real question is whether you want to exit at the first or last ramp before reaching the Internet. Now, very similarly, we could set up point-to-site and ExpressRoute for these other network gateway devices at the same time we’re creating the virtual network hub. I’m just going to go ahead and skip ahead and create the virtual network hub with just site-to-site enabled. Since we know it’s going to take 30 minutes, we’ll just give it that time.
2. Virtual WAN Hub Demo
Alright, so our Virtual WAN hub has been created, and when we go to the resource, it’s a very odd interface in terms of just the data being on the front page here. This is just the hub. We want to go back to the Virtual WAN. So we’re going to go back to home and then to Virtual WAN. Now we have our one hub that’s been created. What we’re going to want to do in order to turn this into a site-to-site VPN is create a site. So just like when we were creating a site-to-site VPN, we created a local gateway. Well, this VPN site, I would say, is very similar to a local gateway.
It’s basically a registration of your office or whatever you’re connecting to. So it’s basically a representation of the physical site in the cloud. So let’s keep these resources in the same West US region. Give this a name, we can call this our Toronto office, and we can say what’s the vendor that created our on-premises device. It’s just a string. We can call it whatever we want. And finally we can represent some type of IP address.
So I can call it something like that. That would be an IP address that’s on my premises for this device. Now you can see here there’s a concept called links. And at least one link is mandatory. So where the site is a representation of the location, the link is the representation of the device itself. So we can say this is our gateway, our on-site gateway. We can allocate 50 megabits per second to it. We can say that this is our AT&T provider. This is sort of the fully qualified domain name or the IP address of the device. So let’s just give it a fake one here. And if we wanted to configure the Border Gateway Protocol, then we will have a different device for that and then our AS number. So this is an example of creating a device representation for something that’s going to be on your premises and that’s going to have to be linked to the Virtual WAN hub to make a site-to-site VPN. Now all of this is just, let’s call it, information. You are not actually physically creating the connection just yet. We’re creating the site and the representation of your devices that are on site.
Now we have a couple more steps to go. Right, so we’ve got our site created. We have to remove this filter to see our site, Toronto office, and it’s not connected to anything. So again, the site is just a registration, if you will. You actually make the connection by selecting the site and saying connect VPN sites. And this is where you have your pre-shared key. You choose your connectivity protocol. You’ve got your routing, just like creating your site-to-site VPN gateway. A lot of the same settings there. Now we’re not going to go through this. I don’t have an on-premises gateway device to connect this to. So having our on-premises office connected to the Virtual WAN hub really is only just one connection, and you need multiple connections in order for this to actually be valuable, right? So what you might want to do is go up to the Virtual WAN itself and start connecting this Virtual WAN into other virtual networks. And so at least then you would have another side to your virtual gateway connections.
So you have your on-premises site connected into the WAN, and the WAN has to connect to something else in order for it to be valuable. So what you might want to do is go under Virtual Network connections and add one of your virtual networks, so this can be like site-to-site VNet. We will choose the Toronto hub, Virtual Hub one, put that into our resource group, and then we can choose our AZ-700 virtual network and then give it an automatic route table. And if we hit create, then basically you’re adding your virtual network, the AZ-700 network, to your Virtual WAN. And that’s a second device that can basically connect to your on-premises site. You can see how the Virtual WAN is sort of this larger umbrella that allows multiple sites to connect to each other in this hub-and-spoke model, as opposed to managing the hub-and-spoke model by yourself with virtual network gateways and things like that. This is sort of an umbrella that you can then connect multiple things to, with the Virtual WAN as the hub part of the hub and spoke.
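Because the hub needs its own address space and then routes between every VPN site and virtual network attached to it, overlapping prefixes are worth catching before anything is created. The following is an added example, not part of the original lesson: a small Python check of a planned address layout. The function name, the /24 minimum for the hub (taken from Azure guidance as an assumption) and all prefixes are constructed for illustration; only the names Toronto office and AZ-700 come from the demo.

```python
import ipaddress
from itertools import combinations

# Assumption: smallest hub address space accepted, per Azure guidance (/24).
MAX_HUB_PREFIXLEN = 24


def check_vwan_address_plan(hub_prefix, attached):
    """Return a list of problems in a Virtual WAN address plan.

    hub_prefix: CIDR for the virtual hub's private address space.
    attached:   {name: [CIDR, ...]} for VPN sites and connected VNets.
    """
    problems = []
    plan = {"hub": [hub_prefix], **attached}
    parsed = {}
    for name, prefixes in plan.items():
        parsed[name] = []
        for prefix in prefixes:
            try:
                parsed[name].append(ipaddress.ip_network(prefix, strict=True))
            except ValueError as exc:
                problems.append(f"{name}: invalid prefix {prefix!r} ({exc})")

    # Hub-specific checks: private space and large enough for gateways.
    for net in parsed["hub"]:
        if not net.is_private:
            problems.append(f"hub: {net} is not private address space")
        if net.prefixlen > MAX_HUB_PREFIXLEN:
            problems.append(f"hub: {net} is smaller than /{MAX_HUB_PREFIXLEN}")

    # Any overlap between hub, sites and VNets makes routing ambiguous.
    for (a, nets_a), (b, nets_b) in combinations(parsed.items(), 2):
        for na in nets_a:
            for nb in nets_b:
                if na.overlaps(nb):
                    problems.append(f"{a} {na} overlaps {b} {nb}")
    return problems


# Constructed sample plans; the prefixes are not from the lesson.
GOOD = {"Toronto office": ["192.168.10.0/24"], "AZ-700 VNet": ["10.0.0.0/16"]}
BAD = {"Toronto office": ["10.0.0.0/16"], "AZ-700 VNet": ["10.0.0.0/16"]}

if __name__ == "__main__":
    print(check_vwan_address_plan("10.100.0.0/24", GOOD))
    for problem in check_vwan_address_plan("10.0.1.0/25", BAD):
        print(problem)
```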