Connecting your Home Lab to Windows Azure

I have been running different test VM’s in Azure for some time now. After running a Trial Account then switching that to Pay As You Go (word of warning, if you are running Pay As You Go too, don’t leave a SQL Enterprise VM running if you’re not using it – SG$150 dollars after powering mine up and realising I quickly shut it down!), I am now fortunate enough to have an MSDN Subscription and Azure credits. With the number of different VM’s I run on my hardware at home, all competing for resources and all requiring me to carry my laptop with me, I wanted to move as much as I could to Azure. The issue for me is, Azure does not support running Hyper-V Hosts with running VM’s on top. Kind of an issue as that is one of the areas I am investing a lot of learning time in at the moment. I wanted to be able to run all of my Applications and Infrastructure services in Azure so I could use my home hardware for Virtualization and System Center only. The challenge of course is, how to you connect Azure and your home environments together?

After some research it seems that Azure only supports a select number of Network appliances to a Site-to-Site VPN Connection. It does now support the VPN Server in Windows Server 2012 R2, however, this server needs to have a public facing NIC with public IP address also. Kind of an issue for a home lab. I am a Starhub customer running one of their Cisco Routers, apparently static/reserved IP with Starhub is not an option and I wasn’t going to start messing around with different Routers and so forth, I don’t find consumer network appliances and the thought of trying to get the help of a service provider to make something non-standard work all that interesting, still, I needed a solution.

After trawling around on the internet I was lucky enough to stumble across Azure VPN Behind NAT on the Cheap by Bhargav. This post describes how to set up a VPN to Azure using a Netgear firewall that sits on your home network behind your NAT. This was exactly what I needed! Even more fortunate for me, I had US$60 of unused Amazon.com credit that had been sat there for over a year. So, a quick order later and my Netgear FVS318 was on it’s way and arrived yesterday morning. So last night during a study break I set about configuring the device as per Bhargavs post. I won’t reproduce the steps here so I encourage you to visit Bhargavs Blog and check it out.

Azure seems to have changed a little bit since the post and the only thing I really found I had to look out for was making sure I selected Static Routing when I set up the VPN Gateway. I took a guess and chose Dynamic Routing first but couldn’t get this working. I assume there is an obvious reason for this but I am not anywhere near a network guy, so it wasn’t something I understood. But I found some additional instructions here on Canadian IT Pro Connection and put those together with what I already had and eventually, after double checking and correcting all of my typo’s in address space configuration, I got a connection!

AzureConnection

I will go into the detail of my home network set up in a later post due to lack of time, but if I list it out it looks something like this:

  1. A Cisco Router with Wireless Access Point provided by Starhub. This connects to the Internet. This has a 192.168.15.0 address space
  2. My Netgear VPN Device connects to the Cisco Router on a 192.168.15.x address. On the other side of the Netgear device is a 192.168.20.0 address space.
  3. On my two machines at home I have Vyatta Virtual Routers running which use the physical Ethernet network, they are connected to the Netgear device on the 192.168.20.0 address space.
  4. The Vyatta Routers have different Virtual Network interfaces configured and they are able to route to each other through the Physical network they are on.
  5. Virtual Machines use the Virtual Networks that are assigned to the Vyatta routers
  6. Hyper-V and ESX hosts are Virtual Machines running in VMWare Fusion on Mac OS X Mavericks

Between the Virtualization hosts I have full management, production, storage and Live Migration networking functionality and everything works like a charm. I can contact my Azure machines from my ‘On Premise’ machines and I have a full extension of my lab into the cloud. Just amazing!

There are only 2 real issues I face at the moment.

  1. The IP Address of my Cisco Router is not static, therefore in the event it changes I will need to update my Azure VPN Configuration. This is a lab though, so I can live with that
  2. I cannot ping/rdp my On Premise VM’s from my Azure VM’s at the moment. I know this is just down to routing, DNS and Firewall rules so all I need to do is track these down and open them up.

Once I have done this and have everything working correctly I will write a detailed post with Diagrams on my set up. In the meantime, I wanted to share this because if anyone else is looking to set up the same sort of environment, I can tell you that this definitely worked for me (Disclaimer: Different ISP’s and different routers have different capabilities. If you decide to invest in some hardware to try this and fail miserably I can’t be held responsible 😛 and neither can Bhargav of course!). If you do go ahead and try this, I would love to hear how you get on.

So, it really is possible to extend your lab into Azure with a minimal investment, why not consider maximising your home hardware use. You can get started with an Azure trial account here.

Cheers

 

Advertisements


Categories: Microsoft Azure

Tags:

5 replies

  1. Thanks for mention! Glad you found my post helpful!

  2. Good article! in my scenario, I have done this successfully using a Citrix Netscaler Express (free) instead of the routers. It was much easier to setup, at least for me, and gives me more flexibility in trying different on-the-fly configs.
    Thanks for sharing the info!

    • Cool, that’s a good alternative, will try it myself. I was looking for some virtual options but I wanted physical also as I have a few physical machines in my lab environment now and having physical networking in place instead of convoluted virtual adapters etc. everywhere made it a lot clearer for me.
      If you have a post on setting up the NetScaler feel free to share a link, I will go through setting that up also.
      Thanks for the comment.

Trackbacks

  1. Unboxing the NetGear ProSafe FVS318G
  2. Thursday, January 9, 2014 on #WindowsAzure | Alexandre Brisebois

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: