In this lab you will explore communication between virtual networks. You will implement virtual network peering and run remote commands to test connections. You will also configure a custom route.
This lab requires an Azure subscription. Your subscription type may affect the availability of features in this lab. You may change the region, but the steps are written using **East US**.
Your organization segments core IT apps and services (such as DNS and security services) from other parts of the business, including your manufacturing department. However, in some scenarios, apps and services in the core area need to communicate with apps and services in the manufacturing area. In this lab, you configure connectivity between the segmented areas. This is a common scenario for separating production from development or separating one subsidiary from another. Additionally, the vendor maintaining the manufacturing machines needs access through the firewall. This will require a custom route.
There are several interactive lab simulations that you might find useful for this topic. The simulation lets you to click through a similar scenario at your own pace. There are differences between the interactive simulation and this lab, but many of the core concepts are the same. An Azure subscription is not required.
+ [Connect two Azure virtual networks using global virtual network peering](https://mslabs.cloudguides.com/guides/AZ-700%20Lab%20Simulation%20-%20Connect%20two%20Azure%20virtual%20networks%20using%20global%20virtual%20network%20peering). Test the connection between two virtual machines in different virtual networks. Create a virtual network peering and retest.
+ [Implement intersite connectivity](https://mslabs.cloudguides.com/en-us/guides/AZ-104%20Exam%20Guide%20-%20Microsoft%20Azure%20Administrator%20Exercise%209). Run a template to create a virtual network infrastructure with several virtual machines. Configure virtual network peerings and test the connections.
1. From the virtual machines page, select **Create** then select **Azure Virtual Machine**.
1. On the Basics tab, use the following information to complete the form, and then select **Next: Disks >**. For any setting not specified, leave the default value.
1. From the Azure portal, search for and navigate to **Virtual Machines**.
1. From the virtual machines page, select **Create** then select **Azure Virtual Machine**.
1. On the Basics tab, use the following information to complete the form, and then select **Next: Disks >**. For any setting not specified, leave the default value.
In this task, you test the connection between the virtual machines in different virtual networks. Before continuing ensure both virtual machines have been deployed and are running.
1. On the **Overview** blade, in the **Networking** section, record the **Private IP address** of the machine. You need this information to test the connection.
1. In CoreServicesVnet | Peerings, verify that the **CoreServicesVnet-to-ManufacturingVnet** peering is listed. Refresh the page to ensure the **Peering status** is **Connected**.
1. Switch to the **ManufacturingVnet** and verify the **ManufacturingVnet-to-CoreServicesVnet** peering is listed. Ensure the **Peering status** is **Connected**. You may need to **Refresh** the page.
## Task 6: Create a custom route to the manufacturing services virtual machines
In this task, you have contracted with a vendor to maintain the manufacturing servies virtual machines. The vendor needs to be routed from an external firewall the manufacturing machines. The firewall has not been configured but you want to go ahead and configure the route.
1. In the Azure portal, select **Route tables**, and then select **Create**. Provide the route table parameters.
| Setting | Value |
| --- | --- |
| Subscription | your subscription |
| Resource group | `az104-rg5` |
| Region | **East US** |
| Name | `rt-Manufacturing` |
| Propagate gateway routes | **No** |
1. When finished select **Review + create** and then **Create**.
1. After the route table deploys, select **Go to resource.**.
1. Select **Routes** and then **+ Add**. Create a route from the future NVA to the Manufacturing virtual network.
| Setting | Value |
| --- | --- |
| Route name | `NVAtoManufacturing` |
| Destination type | **IP Addresses** |
| Destination IP addresses | `172.16.0.0/16` (manufacturing virtual network) |
| Next hop type | **Virtual appliance** |
| Next hop address | `10.2.0.4` (future NVA) |
1. Select **+ Add** when the route is completed. The last thing to do is associate the route with the subnet.
1. Select **Subnets** and then **Associate**. Complete the configuration.
| Setting | Value |
| --- | --- |
| Virtual network | **ManufacturingVnet** |
| Subnet | **Manufacturing** |
>**Note**: You have created a user defined route to direct traffic from the NVA to a subnet.
+ [Distribute your services across Azure virtual networks and integrate them by using virtual network peering](https://learn.microsoft.com/en-us/training/modules/integrate-vnets-with-vnet-peering/). Use virtual network peering to enable communication across virtual networks in a way that's secure and minimally complex.
If you are working with your own subscription take a minute to delete the lab resources. This will ensure resources are freed up and cost is minimized. The easiest way to delete the lab resources is to delete the lab resource group.
+ In the Azure portal, select the resource group, select **Delete the resource group**, **Enter resource group name**, and then click **Delete**.
+ Using Azure PowerShell, `Remove-AzResourceGroup -Name resourceGroupName`.
+ Using the CLI, `az group delete --name resourceGroupName`.
