2

I've recently created an Azure trial account, and we've got it set up and connected to our on-prem network (via IPSec tunnel over ASA). I can communicate with a Linux VM I threw up in Azure from my machine on premise. Now, I'd like to include a couple other sites outside of Azure as well. So essentially, I'd like one specific resource in Azure to connect to three different locations in the US.

According to the reading I've done, it seems I can't make three tunnels that point to the same virtual network (as virtual network gateways don't work like that). All the documentation points to downloading the network config and editing it (like here: https://docs.microsoft.com/en-gb/azure/vpn-gateway/vpn-gateway-multi-site) So I'm trying the ol' download the network configuration procedure. But, when I connect via the newest Azure CLI powershell and login to my account and run this command:

Get-AzureVNetConfig -ExportToFile

I get an empty file. So I ran

Get-AzureVNetConfig -verbose

And I get this as a response:

VERBOSE: 3:47:55 PM - Begin Operation: Get-AzureVNetConfig

Get-AzureVNetConfig : ResourceNotFound: Network configuration does not exist.

At line:1 char:1 + Get-AzureVNetConfig -Verbose + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : CloseError: (:) [Get-AzureVNetConfig], CloudExce ption + FullyQualifiedErrorId : Microsoft.WindowsAzure.Commands.ServiceManagemen t.IaaS.GetAzureVNetConfigCommand

I know I have a network- is this a limitation of having a trial account?

I hope I'm being clear here- please let me know if there's any information I should be adding that's not glaringly obvious to me. Thanks everyone.

edit to add: Here's what my VNetConfig looks like if I just run Get-AzureVNetConfig -ExportToFile C:\herbajerb.xml

<NetworkConfiguration

xmlns="http://schemas.microsoft.com/ServiceHosting/2011/07/NetworkConfiguration" >
<VirtualNetworkConfiguration />
</NetworkConfiguration>
Sumbrada
  • 23
  • 3

1 Answers1

1

Have you setup an ARM Vnet or a Classic Vnet? The Network Configuration file is only used with Classic Vnets. If you have setup a classic vnet then the command Get-AzureVNetCOnfig is the correct command and it does work on trial accounts.

If you have setup an ARM vnet you do not use the network configuration file.

This article:

https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-multi-site-to-site-resource-manager-portal

will guide you through configuring a multi-site VPN in ARM.

good luck.

Michael Brown
  • 3,204
  • 2
  • 9
  • 10
  • Thanks for the followup! I am using ARM, and I figured that since I wasn't using classic that was part of the issue. However, I couldn't find the correct verbiage to search for an answer that helps. I'll check out what you've posted here. – Sumbrada Feb 28 '17 at 14:22
  • Yours was the correct answer- seems I can't do this using a Cisco ASA device, as I need to use Azure's route-based VPN for this. – Sumbrada Feb 28 '17 at 14:42
  • Glad I could help, could you mark the answer as correct? – Michael Brown Feb 28 '17 at 15:15
  • My apologies! First post newbie error. – Sumbrada Mar 01 '17 at 16:10