RouterOS Site-to-Site VPN to Windows Azure using Mikrotik RouterOS RB750GL
Site-to-Site VPN between your infrastructure and Windows Azure– using MikroTik RouterOSWhile doing my demos for Windows server 2012 readiness I wanted to show my attendees alsovirtual machines that you can run now on Windows Azure (www.windowsazure.com – here you cantry virtual machines and other Azure features for 180 days!).Okey, that’s not a problem you go to the virtual machines tab and create machine… But I wantedto connect my infrastructure with Azure so I will be able to experience real hybrid-cloud solutionwith some services in my datacenter and some services in Microsoft cloud…If you want to do that you need to create new network configuration in network tab on Azure portal.This procedure is well documented on: http://msdn.microsoft.com/en-us/library/windowsazure/jj156210#bkmk_ConfigVPNBut at the end you can download configuration for Cisco or Juniper… From that configuration I“extracted” the important steps to configure it on MikroTik 750GL.On your Mikrotik you need to go to IP / IPsec menu and then:- configure IPsec peers
After that you need to configure IPsec tunnel parameters:In the first line you define your local subnet that you have in your datacenter; below you entersubnet that you defined in Azure network configuration…And in Action tab of IPsec policy you define that you want to create tunnel and you need to defineendpoint IP addresses again…Connection established!!!
I started to ping from my Azure Virtual machine to AD server in my organization…and as seen from Azure portal perspective:It is easy to configure virtual machines on Windows Azure platform and also very easy to establishsite-to-site VPN connection – and it works also with “lower” budget routers and not only by usingCisco or Juniper.