Console
    Contact Us Start free

    Configure your Microsoft Azure resources

    After you configure your Google Cloud resources, configure your Microsoft Azure resources.

    Before you begin

    This section describes required setup and resources.

    Provisioned Cross-Cloud Interconnect connections

    Before you configure your Azure resources, make sure that Google has provisioned your Cross-Cloud Interconnect connections. After this work is complete, you receive a confirmation email. You can also use the Google Cloud console to verify that the Cross-Cloud Interconnect ports are active, which indicates that the connections have been provisioned. For more information, see Verify that your port is active .

    Required Azure resources

    Make sure that you have an Azure virtual network (VNet) that includes a subnet. The subnet must be located in an Azure region that is supported for your location . For help, see Quickstart: Use the Azure portal to create a virtual network .

    Create an ExpressRoute circuit

    An Azure ExpressRoute circuit is similar to a Google Cloud VLAN attachment. The circuit represents a logical connection between your network in Azure and your peer network (in this case, Google Cloud).

    When you create an ExpressRoute circuit, Azure automatically creates two circuits: a primary circuit and a redundant one. Azure creates one circuit on your primary ExpressRoute Direct resource and another on your secondary ExpressRoute Direct resource. This behavior differs from Google Cloud, where you had to explicitly create two VLAN attachments.

    Azure portal

    1. Go the ExpressRoute Circuitspage.

    2. Click Create.

    3. Complete the form displayed on the Basicstab:

    4. Click Next : Configuration.

    5. Complete the form displayed on the Configurationtab:

      • In the Peering typefield, select Direct.
      • Select the ExpressRoute Directresource that you created in Order Azure connections . If you can't find the name of your connection in the dropdown list, go back to the previous page and make sure that you selected the correct region.
      • Use the Circuit bandwidthfield to select the appropriate capacity.
      • Use the SKUfield to select the appropriate level of service.

    6. Click Next : Tags.

    7. Optional: Set up tags for this port.

    8. Click Next : Review + create.

    9. Review the summary of your choices. If you want to make changes, click Previousand update the form as needed. When the summary looks correct, click Create.

      Azure displays a Deployment is in progressmessage. After some time, the message should update to say Your deployment is complete.

    Azure PowerShell

    Use the New-AzExpressRouteCircuit command :

    $port = Get-AzExpressRoutePort -Name EXPRESS_ROUTE_DIRECT_CONNECTION 
`
$circuit = New-AzExpressRouteCircuit `
   -Name NAME 
`
   -ResourceGroupName RESOURCE_GROUP_NAME 
`
   -Location LOCATION 
`
   -SkuTier SKU_TIER 
`
   -SkuFamily SKU_FAMILY 
`
   -ExpressRoutePort $port `
   -BandwidthInGbps CAPACITY

    Replace the following:

    • EXPRESS_ROUTE_DIRECT_CONNECTION : the name of the ExpressRoute Direct connection that you created in Order Azure ports
    • NAME : the name of the new circuit
    • RESOURCE_GROUP_NAME : the name of the appropriate resource group
    • LOCATION : the region where you created the ExpressRoute Direct connection, as described in Order Azure ports

    • SKU_TIER : the SKU tier; possible values are Standard , Premium , and Local

    • SKU_FAMILY : if you're using LOCAL for SKU , choose UnlimitedData ; if you're using STANDARD or PREMIUM , choose MeteredData

    • CAPACITY : the capacity of each circuit

    Set up a private peering

    Cross-Cloud Interconnect uses Border Gateway Protocol (BGP) to exchange routes between your Virtual Private Cloud (VPC) network and your Azure network. To that end, configure a private BGP peering between your ExpressRoute circuits and your Google Cloud VLAN attachments.

    Calculate the IPv4 subnet values

    When you create the peering, you provide an IPv4 primary subnetvalue and an IPv4 secondary subnetvalue. These values represent the Google Cloud VLAN attachments that you want to connect with.

    Check the instructions that you provided

    When you provided your Azure LOA to Google, you also provided instructions about how you wanted your ports connected. You need that information to configure the IPv4 Primary subnetand IPv4 Secondary subnetfields.

    For example, if your primary ExpressRoute Direct port is connected to the primary Cross-Cloud Interconnect port, do the following:

    • To calculate the IPv4 Primary subnetvalue, use details about the primary VLAN attachment.

    • To calculate the IPv4 Secondary subnetvalue, use details about the redundant VLAN attachment.

    If your primary ExpressRoute Direct port is connected to the redundant Cross-Cloud Interconnect port, do the reverse. That is, to calculate the IPv4 Secondary subnetvalue, use details about the primary VLAN attachment. To calculate the IPv4 Primary subnetvalue, use details about the redundant VLAN attachment.

    Calculate the subnet values

    To calculate the subnet value, start with the customerRouterIpAddress value of the appropriate VLAN attachment. Subtract 2 from the rightmost segment of the address (the fourth octet). The resulting value is the address that you enter in the IPv4 Primary subnetfield or in the IPv4 Secondary subnetfield.

    For example, suppose the customerRouterIpAddress is 169.254.188.18/30 . In this case, the subnet value would be 169.254.188.16/30 .

    Create the private peering

    Azure portal

    1. Go the ExpressRoute Circuitspage.

    2. Click the name of the circuit that you created in Create an ExpressRoute circuit .

    3. Click Azure private peering.

    4. Complete the form:

      • Enter the ASNof the Google Cloud Router—for example, 16550 .
      • In the Subnetssection, enter IPv4.
      • Enter the IPv4 Primary subnetand IPv4 Secondary subnetvalues that you calculated in Calculate the IPv4 primary subnet value .
      • Enter the same VLAN IDthat you entered when creating your VLAN attachments.
      • If you want to use MD5 authentication, enter your MD5 key in the Shared keyfield. Make sure that you enter the same key that you used when creating BGP sessions in Google Cloud.

    5. Click Save.

    Azure PowerShell

    Use the following commands:

    For example:

    $circuit = Get-AzExpressRouteCircuit -Name CIRCUIT_NAME 
`
   $circuit.Peerings = New-AzExpressRouteCircuitPeeringConfig `
   -Name 'AzurePrivatePeering' `
   -PeeringType 'AzurePrivatePeering' `
   -PeerASN ASN 
`
   -PrimaryPeerAddressPrefix PRIMARY_SUBNET 
`
   -SecondaryPeerAddressPrefix SECONDARY_SUBNET 
`
   -VlanId VLAN_ID 
`
   -SharedKey MD5_KEY 
`
   Set-AzExpressRouteCircuit -ExpressRouteCircuit $circuit

    Replace the following:

    • CIRCUIT_NAME : the name of your ExpressRoute circuit
    • ASN : the ASN of the Google Cloud Router
    • PRIMARY_SUBNET and SECONDARY_SUBNET : the values that you arrived at in Calculate the IPv4 primary subnet value
    • VLAN_ID : the VLAN ID that you specified when creating your VLAN attachments
    • MD5_KEY : the key to use for MD5 authentication (optional)

    Create a virtual network gateway

    An ExpressRoute virtual network gateway connects your Azure network with a peer network—in this case, your Google Cloud VPC network.

    Azure portal

    1. Go the Virtual network gatewaypage.

    2. Click Create.

    3. Select the appropriate Subscription.

    4. Complete the Instance Detailssection of the form:

      • Enter a Namefor the gateway.
      • Select the Regionwhere your connection is located.
      • Select a Gateway typeof ExpressRoute.
      • Use the SKUfield to select the appropriate level of service.
      • Select a Virtual networkthat has a subnet in the same region as your ExpressRoute Direct connection.
      • Select a Subnet.

    5. Complete the Public IP addresssection of the form:

      • For Public IP address, do one of the following:

        • Select Create new, and then enter a Public IP address namefor the new address and a SKU.

        • Select Use existing, and select an address that you previously created.

      • Select an Availability zone.

    6. Click Next : Tags.

    7. Optional: Set up tags for the gateway.

    8. Click Next : Review + create.

    9. Click Create.

      Azure displays a Deployment is in progressmessage. After a few minutes, the message should update to say Your deployment is complete.

    Azure PowerShell

    Use the following commands:

    Complete the following steps:

    1. Create an object that represents your Azure virtual network:

      $vnet = Get-AzVirtualNetwork -Name NETWORK_NAME 
`
   -ResourceGroupName RESOURCE_GROUP

      Replace the following:

      • NETWORK_NAME : the name of your Azure virtual network
      • RESOURCE_GROUP : the name of the appropriate resource group

    2. Create an object that represents the subnet that you want to use for your circuit:

      $subnet = Get-AzVirtualNetworkSubnetConfig -Name NAME 
`
   -VirtualNetwork $vnet

      Replace NAME with the name of your subnet.

    3. Allocate a public IP address for the virtual network:

      $pip = New-AzPublicIpAddress -Name NAME 
`
   -ResourceGroupName RESOURCE_GROUP 
`
   -Location REGION 
`
   -AllocationMethod Dynamic

      Replace the following:

      • NAME : the name of your IP address
      • RESOURCE_GROUP : the name of the appropriate resource group
      • REGION : the region where your subnet is located

    4. Create a configuration object:

      $ipconf = New-AzVirtualNetworkGatewayIpConfig `
-Name NAME 
`
-Subnet $subnet `
-PublicIpAddress $pip

      Replace NAME with a name for your configuration.

    5. Create the gateway:

      $gateway = New-AzVirtualNetworkGateway NAME 
`
   -ResourceGroupName RESOURCE_GROUP 
`
   -Location REGION 
`
   -IpConfigurations $ipconf `
   -GatewayType Expressroute `
   -GatewaySku SKU

      Replace the following:

      • NAME : the name of the new gateway
      • RESOURCE_GROUP : the name of the appropriate resource group
      • REGION : the region where your subnet is located
      • SKU : the gateway SKU

    Create a connection

    Create a connection between the following resources:

    Azure portal

    1. Go to the Connectionspage.

    2. Click Create.

    3. Select a Subscriptionand Resource group.

    4. Complete the Instance Detailssection of the form:

      • Set Connection typeto ExpressRoute.
      • Enter a Namefor the connection.
      • Select the Regionwhere your ExpressRoute Direct connection is located.

    5. Click Next : Settings:

      • Select the appropriate Virtual network gateway.
      • Select your ExpressRoute circuit.
      • If appropriate, select Enable Custom BGP Addresses.
      • If appropriate, select Redeem authorization.
      • Enter the appropriate Routing weightvalue.

    6. Click Next : Tags.

    7. Optional: Set up tags for this port.

    8. Click Next : Review + create.

    9. Review the summary of your choices. If the summary looks correct, click Create. If not, click Previousand make corrections.

      Azure displays a Deployment is in progressmessage. After a few minutes, the message should update to say Your deployment is complete.

    Azure PowerShell

    Use the New-AzVirtualNetworkGatewayConnection command :

    New-AzVirtualNetworkGatewayConnection `
   -Name CONNECTION_NAME 
`
   -ResourceGroupName RESOURCE_GROUP 
`
   -VirtualNetworkGateway1 GATEWAY 
`
   -Location LOCATION 
`
   -ConnectionType ExpressRoute `
   -PeerId PEER_ID

    Replace the following:

    Previous
    Configure your Google Cloud resources
    Next
    Verify your connections
    Create a Mobile Website
    View Site in Mobile | Classic
    Share by: