Peering Virtual Networks

Peering enables services from different virtual networks to communicate with one another using private IP addresses. This section discusses how to peer two Azure virtual networks; for instance, peering an AKS virtual network with a SmartConnector or other ArcSight product.

You should consult the Azure documentation on peering virtual networks for precise commands. The procedure here is provided as an example.

In this peering example, the virtual network (vnet) demo-vnet, from the resource group srg-demo, will be peered with vnet qaprg-vnet from resource group qaprg. Peering will be performed using the Azure Cloud Shell.

To set up peering between these two example virtual networks using the Azure Cloud Shell:

  1. Get the ID for virtual network demo-vnet from resource group srg-demo, and store it in variable vNet1Id:
    # vNet1Id=$(az network vnet show --resource-group srg-demo --name demo-vnet --query id --out tsv)
  2. Get ID for virtual network qaprg-vnet from resource group qaprg, and store it in variable vNet2Id:
    # vNet2Id=$(az network vnet show --resource-group qaprg --name qaprg-vnet --query id --out tsv)
  3. Establish peering for vnet demo-vnet from resource group srg-demo to remote virtual network (ID in $vNet2Id) with the following command:
    # az network vnet peering create --name demo-vnet-to-qaprg-vnet --resource-group srg-demo --vnet-name demo-vnet --remote-vnet $vNet2Id --allow-vnet-access

where name parameter is symbolic; you can choose a value for this as desired.

  1. To establish conection, peering must also be established from qaprg-vnet to demo-vnet. Run the following command:
    # az network vnet peering create --name qaprg-vnet-to-demo-vnet --resource-group qaprg --vnet-name qaprg-vnet --remote-vnet $vNet1Id --allow-vnet-access
  2. To verify the establishment of peering, run the following command:
    # az network vnet peering show --name demo-vnet-to-qaprg-vnet --resource-group srg-demo --vnet-name demo-vnet --query peeringState
Change the name to the same name used in Step 4, and use your vnet and resource group.
  1. If peering has been established successfully, then Connected will show as a result.