Steps
Step 1. Create a resource group.
Make sure that all resources created subsequently are in the same region as this resource group. Otherwise, business communication may fail.
Step 2. Create a virtual network.
The two subnets shown in the following figure are used as the virtual networks for the VPN gateway and the virtual PC, respectively. For the subnet of the VPN gateway, set its Subnet purpose to Virtual Network Gateway.
Step 3. Create a network security group and configure a security rule.
To facilitate testing, this example allows traffic from all zones. In actual scenarios, allow only the traffic that your business needs.
Associate the network security group with a virtual network.
Step 4. Create a virtual network gateway, and make sure that its subscription, location, and virtual network are the same as those of the created virtual network.
It takes about 30 minutes to create a virtual network gateway. Be patient.
Step 5. Create a local network gateway.
Set the IP address of the local network gateway to the egress IP address of the Athena NGFW device, and the address space to the internal network segment that the Athena NGFW device wants to access in Microsoft Azure.
Step 6. Create a VPN connection.
We recommend that you select IKEv2 as the IKE protocol, and disable the policy-based traffic selector (which is equivalent to an all-zero selector). In addition, Microsoft Azure supports only route-based external connections.
Make sure that the selected virtual network gateway and local network gateway are those created above.
Click Create, as shown in the following figure.
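After the connection is created, the settings called out in Steps 1, 3, 5, and 6 can be checked against an export of the configuration. The following is an added example, not part of the original procedure or of any vendor tooling; the key names assume the flattened JSON that `az network ... show` prints, and the resource ids, region, and IP address are constructed placeholders.

```python
# Added example, constructed data; keys assume `az network ... show` JSON.
ANY_SOURCE = {"*", "0.0.0.0/0", "Internet"}

def audit(cfg, ngfw_egress_ip):
    """Return findings for the Step 1-6 deployment described in cfg."""
    out = []
    region = cfg["resource_group"]["location"].lower()
    # Step 1: every resource sits in the resource group's region.
    for key in ("vnet", "nsg", "vnet_gateway", "local_gateway", "connection"):
        if cfg[key]["location"].lower() != region:
            out.append(f"{key}: region differs from resource group")
    # Step 3: flag the allow-all rule that was only meant for testing.
    for r in cfg["nsg"]["securityRules"]:
        if (r["access"] == "Allow" and r["direction"] == "Inbound"
                and r["sourceAddressPrefix"] in ANY_SOURCE
                and r["destinationPortRange"] == "*"):
            out.append(f"nsg rule {r['name']}: inbound allow-all")
    # Step 5: the local network gateway points at the NGFW egress address.
    if cfg["local_gateway"]["gatewayIpAddress"] != ngfw_egress_ip:
        out.append("local_gateway: gatewayIpAddress is not the NGFW egress IP")
    # Step 6: route-based, IKEv2, no policy-based selectors, right gateways.
    conn = cfg["connection"]
    if cfg["vnet_gateway"]["vpnType"] != "RouteBased":
        out.append("vnet_gateway: vpnType is not RouteBased")
    if conn["connectionProtocol"] != "IKEv2":
        out.append("connection: connectionProtocol is not IKEv2")
    if conn["usePolicyBasedTrafficSelectors"]:
        out.append("connection: policy-based traffic selectors enabled")
    for ref, gw in (("virtualNetworkGateway1", "vnet_gateway"),
                    ("localNetworkGateway2", "local_gateway")):
        if conn[ref]["id"] != cfg[gw]["id"]:
            out.append(f"connection: {ref} is not the {gw} created above")
    return out

# Constructed sample in the page's test state (allow-all rule still present).
SAMPLE = {
    "resource_group": {"location": "eastus"},
    "vnet": {"location": "eastus"},
    "nsg": {"location": "eastus", "securityRules": [
        {"name": "allow-all-test", "access": "Allow", "direction": "Inbound",
         "sourceAddressPrefix": "*", "destinationPortRange": "*"}]},
    "vnet_gateway": {"id": "vgw-1", "location": "eastus", "vpnType": "RouteBased"},
    "local_gateway": {"id": "lgw-1", "location": "eastus",
                      "gatewayIpAddress": "203.0.113.10"},
    "connection": {"location": "eastus", "connectionProtocol": "IKEv2",
                   "usePolicyBasedTrafficSelectors": False,
                   "virtualNetworkGateway1": {"id": "vgw-1"},
                   "localNetworkGateway2": {"id": "lgw-1"}},
}
print("\n".join(audit(SAMPLE, "203.0.113.10")))
```

On the constructed sample the only finding is the allow-all test rule from Step 3, which is the item to tighten before the tunnel carries production traffic.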