Category Archives: Azure Virtual WAN

Extra Evening December MC2MC

Posted on by
Reply

Extra Evening December MC2MC

I have the distinct pleasure of having been invited to speak at the Extra Evening December MC2MC user group. It is on the 17th of December 2020. This will be my final live and virtual event for the year 2020!

For the occasion I will be giving a talk to introduce you to Azure Virtual WAN and why this is really for everyone. You might not think so yet, but I am sure you will see where the future of Azure networking is heading, and why.

Extra Evening December MC2MC
Azure Virtual WAN for everyone

Register, it is free!

So, join us. The event is free, but for your time, but we hope you learn something. You can register on the MC2MC website for this event

Extra Evening December MC2MC
Register, it is free and you learn something!

My talk starts at 18:45 and after that session they have some more great sessions by fellow MVPs lined up.

Agenda

18h30 – 18u45: Welcome

Azure Virtual WAN for everyone

18h45 – 19u30:  Azure Virtual WAN for everyone by Didier Van Hoye (Microsoft MVP Cloud and Datacenter Management).
We’ll look at what Azure Virtual WAN is, why you would use it, and what its “state of the union” is at the time of speaking. We will look at why small and medium enterprises should also adopt it as Azure Virtual WAN is for everyone, not just the global fortune 500. We’ll touch on how to use Azure Firewall Manager with Azure Virtual WAN HUB and show you the custom route tables along with some examples.

Offensive Azure Security

19h30 – 20h15: Offensive Azure Security by Sergey Chubarov (Microsoft MVP Azure).
These days, working with a cloud platform is already commonplace. Companies choose Microsoft Azure for a number of benefits, including security. But there are some responsibility on the customer side and that’s may become weakest link in the chain.
A demo-based session shows attacks on the weakest link.
Penetration testers and red teamers will find steps that can be used in their assessments, defenders will get ideas on what should be protected.
The session includes:
– Bypassing authentication & MFA
– Getting control over Compute
– Extracting secrets
– Pentesting Azure AD Connect

20h15 – 20h25: Break

I know what you did last project

20h25 – 21h15: I know what you did last project (common mistakes we make in Azure) by Mustafa Toroman (Microsoft MVP Azure).
One of major benefits of Microsoft Azure is vast number of services we can choose from. But huge amount of services can create problems like what service to choose in specific situations or what to avoid. Do we select IaaS or PaaS? Or maybe go serverless? What type of database do we choose? Azure SQL, Managed Instance, or something else? And when to go with Azure Cosmos DB?
Based on years of experience and hundreds of projects, this session shares do’s and don’ts when designing your solutions in Azure. Avoid usual traps and create rock solid applications in cloud!

Azure DevOps for Ops without Dev

21h15 – 22h00: Azure DevOps for Ops without Dev by Vukašin Terzić (Microsoft MVP Azure).
DevOps philosophy doesn’t really apply to non-developers who are not creating and releasing new versions of applications every week. Or does it? In this session, I will talk about how to leverage Azure DevOps tools to boost your productivity and project management and how to save and execute your scripts and ARM templates.

22h00 – 23h00: Social BYOB (Bring-Your-Own-Beer) teams meeting

I hope to see you there and I wish you all a festive period to end 2020 and start 2021.

GeekSprech(EN) Podcast Episode 50 – Azure Virtual WAN

Posted on by
Reply

GeekSprech(EN) Podcast Episode 50 – Azure Virtual WAN

Yes, 2020 can end well. I was on GeekSprech(EN) Podcast Episode 50 – Azure Virtual WAN! I had the distinct pleasure of being invited to join Eric Berg on the GeekSprech (Geek Speak) Podcast. That invitation came times perfectly to have me on episode 50, which is kind of cool right?

GeekSprech(EN) Podcast Episode 50 – Azure Virtual WAN
GeekSprech(EN) Podcast Episode 50 – Azure Virtual WAN

In GeekSprech(EN) Podcast Episode 50 – Azure Virtual WAN we have an informal chat about, you guessed it, Azure Virtual WAN. While this a very rich and rewarding subject, that I like very much, I was wondering how this would go. You see there is just so much to tell, so many links to make, and relations to show between all the moving parts this subject normally leads to a lot of whiteboarding.

Podcasting and whiteboarding don’t mix, so we just talk, but I must say the time flew by. I had fun and just chatting informally with a fellow geek was just so much fun. For those of you reading this in the future, we are in lockdown 2 of over 8 months of the Corona/Covid-19 global pandemic. So having a talk over a drink at a conference or user group is just not happing right now.

More podcast on the horizon?

Are there more podcasts in my future? Well yes, probably so. This was my first ever podcast and I hope you like it. We had fun doing making it. Frankly it does taste like more and next year, if all goes well we’ll be doing some podcasting with a very smart fellow Belgian technologists about. We think that will be both fun and educational. The basis for those podcast plans are chats and discussion we have on technologies amongst our selves. But for now, you can join in the fun right here. Enjoy!

Custom Route Tables in Azure Virtual WAN are live!

Posted on by
2

Introduction

Last week, around August 26-27th 2020 Custom Route Tables in Azure Virtual WAN lit up in my Azure Tenants. Awesome news. Normally this should have happened the week of the 3d of August 2020. However, some delay happened. Now it is here is has come in silence. Which I find odd. This is a major capability that offers so much of what we need to make Azure Virtual WAN shine. But it is here, ready to shine at Microsoft Ignite

Custom Route Tables in Azure Virtual WAN
Watch my video on custom route tables in Azure virtual WAN

Custom Route Tables in Azure Virtual WAN

What do we have now? You can read up on Azure Virtual WAN route tables over here. I have made a video about all this which you can find on my blog and on my Vimeo channel. Please take a look for some walkthroughs and links to some other blog posts by me on Azure Virtual WAN.

LabELs

First of all, let’s discuss the labels. Labels logically group route tables. These are very helpful when propagating routes from connections to multiple route tables. The Default Route Table has a built-in label called ‘Default’. When you propagate connection routes to the ‘Default’ label, it automatically applies to all the Default Route Tables across every hub in the Virtual WAN.

Custom Route Tables in Azure Virtual WAN
Creating a label

Associations

Now, we can discuss associations. Each connection is associated with one route table. This means that the connection can send to the destination indicated as routes in the route table it is associated with. The routing configuration of the connection will show the associated route table. This is very important for connected VNETs. Multiple connections can be associated with the same route table. Note that all VPN, ExpressRoute, and User VPN connections are associated with the same (default) route table.

Custom Route Tables in Azure Virtual WAN
Association

By default, all connections are associated with the Default route table in a virtual hub. Each virtual hub has its own Default route table. You can add one or more static routes to the default Route table. Static routes take precedence over dynamically learned routes for the same prefixes.

Propagations

Last but not least, connections dynamically propagate routes to one or more route table. VPN, ExpressRoute, and User VPN connections propagate routes to the same set of route tables. With connections like a Site-2-Site VPN, Express Route, or Point-2-Site VPN, routes are propagated from the virtual hub to the on-premises router using BGP.

Custom Route Tables in Azure Virtual WAN
Propagations for Branches
Custom Route Tables in Azure Virtual WAN
Propagation for a connected VNET

A “None” route table is also available for each virtual hub. Propagating to the None route table implies that no routes are propagated from the connection.

Some need to ask

Finally, some customers need to reach out to support in order to get Azure Virtual WAN Custom route tables to light up.

Contact Microsoft support if and when needed to enable custom route tables for you.

As a result, I suggest you do so to start kicking the tires and then dive in deeper. This is a cornerstone technology for Azure networking going forward.

Automation

I have not found any documentation or guidance in regards to automation with PowerShell, Azure CLI, or ARM templates yet. I expect this to be forthcoming as this is much needed. As a result, I hope we’ll see this by Microsft Ignite 2020.

Conclusion

Azure Virtual WAN with the secured Virtual Hub and custom route tables offers the capabilities we have been waiting for. With these capabilities in place. Azure Virtual WAN is the future of Azure virtual networking. Therefore, I fully expect to hear a lot more about it during Microsoft Ignite in September. I personally will focus on this part of networking in the coming months. It is a stock part of any Azure initiative and project in the near future.