I am the BizSpark admin for my company and would like the 5 virtual networks for each of my users to be able to communicate with each other.

I've seen various posts on how to create a VPN between the virtual networks (example); however, having a VPN on each account costs money and eats into our monthly credits.

I've been reading about the new VNet Peering feature on Azure but have been unable to get it to work successfully. In the documentation it has the following requirement for VNet Peering to work:

Peering can be established between virtual networks in two different subscriptions as long as a privileged user of both subscriptions authorizes the peering and the subscriptions are associated to the same Active Directory tenant.

In PowerShell I can see that the Tenant Ids for each Azure account are different. Does this mean that VNet Peering won't work?

If so, is there any other way (other than creating a VPN) to do this?

Thanks

1 Answer

Unfortunately, Azure does not currently support linking VNets across subscriptions in different AAD tenants. VNet peering relies on ARM RBAC for authorization. However, ARM RBAC does not support cross-tenant linked access checks, so both subscriptions must belong to the same Azure Active Directory tenant. Currently VNet peering is limited to the customer's subscriptions in the same Azure Active Directory domain. This gives them the same Tenant stamp, which allows the peering to occur.

According to your description, I guess your 5 virtual networks are 5 Azure VNets. So why not try VNet-to-VNet traffic? The VNets you connect can be in different regions or in different subscriptions. You can even combine VNet-to-VNet communication with multi-site configurations.

VNet-to-Vnet traffic within the same region is free for both directions; cross region VNet-to-VNet egress is charged with the outbound inter-VNet data transfer rates based on the source regions. Here is a link on how to do this: https://azure.microsoft.com/en-us/documentation/articles/vpn-gateway-vnet-vnet-rm-ps/

If you still have any problems, you can contact me. Thanks

Regards,

Shui shengbao
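The same-tenant requirement discussed in the answer above can be checked before any peering is attempted. The following is an added example, not part of the original question or answer: the function name `Get-VNetLinkPlan`, the sample subscription names and the GUIDs are all constructed for illustration, and the commented-out live call assumes the Az PowerShell module is installed and signed in.

```powershell
# Added example: for every pair of subscriptions, report whether VNet peering is
# possible (same Azure AD tenant) or a VNet-to-VNet gateway is needed instead.
function Get-VNetLinkPlan {
    [CmdletBinding()]
    param(
        # Objects exposing Name and TenantId, e.g. the output of Get-AzSubscription
        [Parameter(Mandatory)]
        [object[]]$Subscription
    )

    for ($i = 0; $i -lt $Subscription.Count; $i++) {
        for ($j = $i + 1; $j -lt $Subscription.Count; $j++) {
            $a = $Subscription[$i]
            $b = $Subscription[$j]

            # A missing tenant ID is never treated as a match
            $sameTenant = -not [string]::IsNullOrWhiteSpace([string]$a.TenantId) -and
                          ([string]$a.TenantId -eq [string]$b.TenantId)

            [pscustomobject]@{
                From       = $a.Name
                To         = $b.Name
                SameTenant = $sameTenant
                Method     = if ($sameTenant) { 'VNet peering' } else { 'VNet-to-VNet gateway' }
            }
        }
    }
}

# Constructed sample data: three subscriptions, two of which share a tenant
$sample = @(
    [pscustomobject]@{ Name = 'dev-alice'; TenantId = '11111111-1111-1111-1111-111111111111' }
    [pscustomobject]@{ Name = 'dev-bob';   TenantId = '11111111-1111-1111-1111-111111111111' }
    [pscustomobject]@{ Name = 'dev-carol'; TenantId = '22222222-2222-2222-2222-222222222222' }
)

Get-VNetLinkPlan -Subscription $sample | Format-Table -AutoSize

# Against live data (assumes the Az module and an account that can see the subscriptions):
# Get-VNetLinkPlan -Subscription (Get-AzSubscription) | Format-Table -AutoSize
```

With the sample data, only the `dev-alice`/`dev-bob` pair is reported as eligible for peering; every pair involving `dev-carol` falls back to the gateway option.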