{"id":250,"date":"2018-05-18T15:27:48","date_gmt":"2018-05-18T15:27:48","guid":{"rendered":"https:\/\/cloudmanagement.navisite.com\/?p=250"},"modified":"2020-01-08T04:24:35","modified_gmt":"2020-01-08T04:24:35","slug":"hybrid-cloud-connectivity-azure-p2s-vpn-s2s-from-azure-to-aws","status":"publish","type":"post","link":"https:\/\/www.navisite.com\/blog\/hybrid-cloud-connectivity-azure-p2s-vpn-s2s-from-azure-to-aws\/","title":{"rendered":"Hybrid Cloud Connectivity: Azure P2S VPN, S2S from Azure to AWS"},"content":{"rendered":"

\"\"<\/a><\/p>\n

1.\u00a0 <\/strong>Summary: Hybrid Cloud Connectivity – Azure P2S VPN<\/strong><\/h2>\n

This is the fifth blog in the Azure Networking Blog<\/strong> series, and focuses on Azure P2S VPN functionality. Check out other blogs in this series:<\/p>\n

    \n
  1. Azure Traffic Manager and Load Balancer Design<\/a><\/li>\n
  2. T<\/a>hird Party Network Devices (Part-1) \u2013 Citrix VPX in Azure<\/a><\/li>\n
  3. Third Party Network Devices (Part-2) – Cisco ASAv in Azure<\/a><\/li>\n
  4. \u00a0BGP Express Route and BGP over IPSec Tunnel<\/a><\/li>\n<\/ol>\n

    In this blog post we will review various Hybrid Cloud Connectivity Options. The VPN Client allows the remote users to connect to Cloud private network through Internet from anywhere in the world. In Azure, this can be accomplished with a Point-to-Site VPN Gateway (Route-Based) with RADIUS Authentication. Azure P2S is a useful solution instead of a site-to-site when you have a few remote users that need connectivity into Azure. In the first part of this blog post, I will walk you through a use case with Azure P2S VPN<\/a><\/strong> using Active Directory Server configured with Radius Server role.
    \nOne of our clients recently migrated from AWS to Azure. One way to connect the two clouds together is via an IPSec VPN tunnel. \u00a0We ran into compatibility issues between Azure and AWS while setting up the VPN tunnel, due the fact that AWS currently only supports ikev1, and Azure’s Route-Based VPN gateway only supports ikev2.
    \nTo address overcoming this limitation, in the second half of the blog post we’ll take a look at a use case to connect     AWS Cloud to Azure Cloud<\/a><\/strong> using StrongSwan (which serves as a Virtual Appliance on the AWS die) with ikev2 support, and using custom routing. \u00a0\u00a0This can also be accomplished with Windows Server (RRAS on the AWS side)
    \nNote:<\/strong> This blog post assumes general familiarity with Azure cloud constructs (Resource Groups, VNets and Subnets), AWS networking constructs (VPC, Subnet, Instances and Route tables) and common networking concepts. Microsoft has some great documentation to assist with further understanding this process.
    \nThis blog post is focused on end-to-end configuration blueprint, reference architecture and in-depth troubleshooting for the above two use cases.\u00a0 We will use this diagram as a reference architecture.
    \n

    \"Azure<\/a>
    Hybrid Cloud Connectivity<\/figcaption><\/figure><\/p>\n

    2. Point-to-Site VPN Configuration<\/strong><\/h2>\n

    Summary:<\/strong>
    \nThe VPN Client allows the remote users to connect to a private network through Internet from anywhere in the world. In Azure, this can be accomplished with a Point-to-Site VPN Gateway (Route-Based) with RADIUS Authentication. Azure P2S VPN is a useful solution instead of a site-to-site when you have a few remote users that need connectivity into Azure.
    \nIn the first part of this blog post, I will walk you through a use case with     Azure P2S VPN<\/a><\/strong> using Active Directory Server configured with Radius Server role.
    \nMicrosoft Documentation:<\/strong>
    \n    https:\/\/docs.microsoft.com\/en-us\/azure\/vpn-gateway\/point-to-site-vpn-client-configuration-radius<\/a>
    \nAzure P2S VPN is supported from Windows, MAC OS X and Linux Client devices. This blog post covers Windows Client.
    \nPrerequisites:<\/strong> Azure Resource Group (nn-rg-2), Vnet (nn-vnet) and Subnets Exist in Azure. Active Directory Domain Controller created in Azure Subnet (Windows 2012 R2)
    \nSteps:<\/strong><\/p>\n

      \n
    1. Create Route based Virtual Network Gateway<\/li>\n
    2. Configure Point-to-Site VPN on Azure VNG<\/li>\n
    3. Create VPN Users Group in Active Directory<\/li>\n
    4. Setup RADIUS Server and Network Policy Server Security<\/li>\n
    5. Download VPN Client<\/li>\n
    6. Connect to Azure<\/li>\n
    7. Troubleshooting and Verifications<\/li>\n<\/ol>\n
        \n
      1. Create Route-Based Virtual Network Gateway
        \n
        \"P2S<\/a>
        Route-Based Virtual Network Gateway<\/figcaption><\/figure><\/li>\n
      2. Configure Point-to-Site VPN on Azure Virtual Network Gateway. The address pool should be something unique on your network.
        \n
        \"P2S<\/a>
        Point-to-Site VPN on Azure Virtual Network Gateway<\/figcaption><\/figure><\/li>\n
      3. Create VPN Users Group in Active Directory. Add VPN users to this group.
        \n
        \"P2S<\/a>
        VPN Users Group in Active Directory<\/figcaption><\/figure><\/li>\n
      4. Install and Setup RADIUS Server and Network Policy Server (Step by Step)<\/li>\n<\/ol>\n

        \"\"<\/a>
        \n

        \"P2S<\/a>
        Install and Setup RADIUS Server and Network Policy Server<\/figcaption><\/figure>
        \n
        \"P2S<\/a>
        Register Network Policy Server Security<\/figcaption><\/figure>
        \nRegister Network Policy Server Security<\/p>\n
        <\/h6>\n

        Configure Radius Client on Network Policy Server. Allow traffic from the Azure Gateway subnet(10.6.0.0\/24)
        \n        \"P2S<\/a>
        \n 
        \nConfigure security policy to allow conditional Requests        \"P2S<\/a>
        \n        \"P2S<\/a>
        \n        6.\u00a0<\/a>Download and Install VPN Client\"P2S<\/a>
        \n 
        \nExtract the zip file into a folder and install the client        6.\u00a0<\/a>\"P2S<\/a>
        \nConnect to Azure. The above step will install a new connection “nn-vnet-2”\u00a0
        \n<\/a>        \"Azure<\/a>
        \nLaunch the client and login with your AD domain credentials. Make sure the user is in the VPN Users group.        7.\u00a0<\/a>\"P2S<\/a>
        \n7. Troubleshooting and Verifications
        \nOn the Azure side, for the VM in question, check the effective Route in the Azure Portal.        \"P2S<\/a><\/p>\n

        On the client side, veriy the IP and routes.\"P2S<\/a><\/h6>\n
        \"P2S<\/a><\/h6>\n

        3. Azure to AWS Connectivity<\/strong><\/h2>\n

        Summary:<\/strong>
        \nAs noted above, while assisting a client in their migration from AWS to Azure, we ran into compatibility challenges between the two platform, when connecting the two clouds together\u00a0 via an IPSec VPN tunnel.
        \nAWS currently only supports ikev1, while the Route-Based VPN gateway in Azure only supports ikev2 – this necessitated connect         AWS Cloud to Azure Cloud<\/a><\/strong> using StrongSwan (which serves as a Virtual Appliance on the AWS side) with ikev2 support and using custom routing.\u00a0 \u00a0StrongSWan is an open source tool that requires minimal configuration to get it up and running. This\u00a0 connection can also be accomplished with Windows Server (RRAS on the AWS side)<\/p>\n

        Prerequisites:\u00a0 <\/strong><\/h5>\n

        AWS:<\/strong> VPC: nn-VPC, Subnets: nn-subnet-1, nn-subnet-2, instances:\u00a0 vm1 in subnet1 and vm2 in subnet2 exits
        \nAzure:<\/strong> Resource Group: nn-rg-2, vNET: nn-vnet-2, subnet: nn-subnet1, Route-based Virtual Network Gateway: nn-route-based-vng<\/p>\n

        Documentation Links:<\/strong><\/h5>\n

        https:\/\/docs.aws.amazon.com\/AmazonVPC\/latest\/GettingStartedGuide\/ExerciseOverview.html<\/a><\/strong>
        \n        https:\/\/wiki.strongswan.org\/projects\/strongswan\/wiki\/AwsVpc<\/a><\/strong><\/p>\n

        Steps:<\/strong><\/h5>\n
          \n
        1. AWS: Install a Ubuntu instance and configure StrongSWAN.<\/li>\n
        2. AWS: Configure Custom Routes<\/li>\n
        3. Azure: Create new Local Network Gateway<\/li>\n
        4. Azure: Create a new connection<\/li>\n
        5. Verification and troubleshooting<\/li>\n<\/ol>\n
          1: AWS: Install a Ubuntu instance and Configure StrongSWAN.<\/h6>\n
          Install StrongSwan:\napt-get install strongswan\nEnable\necho 1 > \/proc\/sys\/net\/ipv4\/ip_forward\nVerify IP Configuration\nubuntu@ip-10-82-1-214:~$ ifconfig\neth0      Link encap:Ethernet  HWaddr 0a:c2:0d:ce:44:a8\n          inet addr:10.82.1.214  Bcast:10.82.1.255  Mask:255.255.255.0\n          inet6 addr: fe80::8c2:dff:fece:44a8\/64 Scope:Link\n          UP BROADCAST RUNNING MULTICAST  MTU:9001  Metric:1\n          RX packets:318569 errors:0 dropped:0 overruns:0 frame:0\n          TX packets:212384 errors:0 dropped:0 overruns:0 carrier:0\n          collisions:0 txqueuelen:1000\n          RX bytes:182188399 (182.1 MB)  TX bytes:27196737 (27.1 MB)\nlo        Link encap:Local Loopback\n          inet addr:127.0.0.1  Mask:255.0.0.0\n          inet6 addr: ::1\/128 Scope:Host\n          UP LOOPBACK RUNNING  MTU:65536  Metric:1\n          RX packets:192 errors:0 dropped:0 overruns:0 frame:0\n          TX packets:192 errors:0 dropped:0 overruns:0 carrier:0\n          collisions:0 txqueuelen:1\n          RX bytes:14456 (14.4 KB)  TX bytes:14456 (14.4 KB)\nConfigure StrongSWAN:\nroot@ip-10-82-1-214:~# more \/etc\/ipsec.secrets\n10.82.1.214 13.77.XX.XX  : PSK \"AzureXXXX\"\nroot@ip-10-82-1-214:~# more \/etc\/ipsec.conf\n# ipsec.conf - strongSwan IPsec configuration file\nconn azure\n  authby=secret\n  type=tunnel\n  leftsendcert=never\n  left=10.82.1.214\n  leftsubnet=10.82.1.0\/24,10.82.2.0\/24\n  right=13.77.XX.XX\n  rightsubnet=10.6.1.0\/24\n  keyexchange=ikev2\n  ikelifetime=10800s\n  keylife=57m\n  keyingtries=1\n  rekeymargin=3m\n  compress=no\n  compress=no\n<\/pre>\n
          root@ip-10-82-1-214:\/etc# ipsec status\nSecurity Associations (1 up, 0 connecting):\n       azure[1]: ESTABLISHED 4 seconds ago, 10.82.1.214[10.82.1.214]...13.77.XX.XX[13.77.XX.XX]\n       azure{1}:  INSTALLED, TUNNEL, reqid 1, ESP in UDP SPIs: caee2e84_i e517cc8e_o\n       azure{1}:   10.82.1.0\/24 10.82.2.0\/24 === 10.6.1.0\/24\nroot@ip-10-82-1-214:\/etc# ipsec restart\nStopping strongSwan IPsec...\nStarting strongSwan 5.3.5 IPsec [starter]...\nroot@ip-10-82-1-214:\/etc# ipsec statusall\nStatus of IKE charon daemon (strongSwan 5.3.5, Linux 4.4.0-1057-aws, x86_64):\n  uptime: 6 seconds, since May 14 03:39:39 2018\n  malloc: sbrk 1486848, mmap 0, used 346512, free 1140336\n  worker threads: 11 of 16 idle, 5\/0\/0\/0 working, job queue: 0\/0\/0\/0, scheduled: 3\n  loaded plugins: charon test-vectors aes rc2 sha1 sha2 md4 md5 random nonce x509 revocation constraints pub\nkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey pem openssl fips-prf gmp agent xcbc hmac gcm attr kernel-netl\nink resolve socket-default connmark stroke updown\nListening IP addresses:\n  10.82.1.214\nConnections:\n       azure:  10.82.1.214...13.77.88.243  IKEv2\n       azure:   local:  [10.82.1.214] uses pre-shared key authentication\n       azure:   remote: [13.77.88.243] uses pre-shared key authentication\n       azure:   child:  10.82.1.0\/24 10.82.2.0\/24 === 10.6.1.0\/24 TUNNEL\nSecurity Associations (1 up, 0 connecting):\n       azure[1]: ESTABLISHED 6 seconds ago, 10.82.1.214[10.82.1.214]...13.77.88.243[13.77.88.243]\n       azure[1]: IKEv2 SPIs: 370014ff2c35787c_i* d34deb87dbd7433d_r, pre-shared key reauthentication in 2 ho\nurs\n       azure[1]: IKE proposal: AES_CBC_256\/HMAC_SHA1_96\/PRF_HMAC_SHA1\/MODP_1024\n       azure{1}:  INSTALLED, TUNNEL, reqid 1, ESP in UDP SPIs: caee2e84_i e517cc8e_o\n       azure{1}:  AES_CBC_256\/HMAC_SHA1_96, 0 bytes_i, 0 bytes_o, rekeying in 50 minutes\n       azure{1}:   10.82.1.0\/24 10.82.2.0\/24 === 10.6.1.0\/24\n<br><\/pre>\n
          2: AWS: Configure VPC,Subnets and Custom Routes
          \n          AWS: VPC<\/a>
          \n          \"P2S<\/a>
          \n          AWS: Subnet1<\/a>\"P2S<\/a>
          \nAWS: Subnet2
          \n          \"P2S<\/a>
          \n 
          \n          AWS: Intenet Gateway
          \n<\/a>          \"P2S<\/a>
          \nAWS : NAT Gateway          \"P2S<\/a>
          \n3. Azure Create Virtual Network Gateway
          \n          \"P2S<\/a>
          \n4. Azure: Create Local Network Gateway and a new connection
          \n          \"P2S<\/a>
          \n          \"P2S<\/a>
          \n5. Verifications and troubleshooting
          \nVM in Subnet2          \"P2S<\/a>
          \nVM In Subnet1<\/strong>
          \n          \"P2S<\/a><\/p>\n
          4. Conclusion<\/h3>\n
          This blog came from a real day-in-the-life experience of Navisite’s Solution Engineering team, an element of Navisite’s Elite 5-Star Managed Services team. At Navisite, we partner with our current and prospective clients to bring creative, business-enabling technology solutions to life.
          \nIn conclusion, we reviewed Hybrid Cloud Connectivity options. For remote users, we looked at Azure Native P2S solution with Radius Authentication. Other options for Remote user connectivity are using third-party appliances like Cisco ASAv with AnyConnect VPN. For           ASAv in Azure<\/a> check out my earlier blog post.<\/a>
          \nWe also looked at connecting Azure and AWS Cloud using IPSec VPN.\u00a0 For a short-term migration strategy, we used StrongSWan as an open-source tool, which requires minimal configuration to get it up and running. This can also be accomplished with Windows Server (RRAS on the AWS side), a topic which I will cover in future blog posts.<\/p>\n
          Note: I\u2019d like to thank my manager John Rudenauer, Navisite Product Management and Marketing team members William Toll, Chris Pierdominici and Carole Bailey for their support.<\/em><\/h6>\n","protected":false},"excerpt":{"rendered":"","protected":false},"author":114,"featured_media":251,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[176,9,17,177,178,179,180,181,182,183,185,187,188,168,189,190,141,191],"acf":[],"yoast_head":"\nHybrid Cloud Connectivity: Azure P2S VPN, S2S from Azure to AWS - Navisite<\/title>\n<meta name=\"description\" content=\"1.\u00a0 Summary: Hybrid Cloud Connectivity - Azure P2S VPN This is the fifth blog in the Azure Networking Blog series, and focuses on Azure P2S VPN\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.navisite.com\/blog\/hybrid-cloud-connectivity-azure-p2s-vpn-s2s-from-azure-to-aws\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Hybrid Cloud Connectivity: Azure P2S VPN, S2S from Azure to AWS\" \/>\n<meta property=\"og:description\" content=\"1.\u00a0 Summary: Hybrid Cloud Connectivity - Azure P2S VPN This is the fifth blog in the Azure Networking Blog series, and focuses on Azure P2S VPN\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.navisite.com\/blog\/hybrid-cloud-connectivity-azure-p2s-vpn-s2s-from-azure-to-aws\/\" \/>\n<meta property=\"og:site_name\" content=\"Navisite\" \/>\n<meta property=\"article:published_time\" content=\"2018-05-18T15:27:48+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-01-08T04:24:35+00:00\" \/>\n<meta name=\"author\" content=\"Megan Ferringer\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@navisite\" \/>\n<meta name=\"twitter:site\" content=\"@navisite\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Megan Ferringer\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.navisite.com\/blog\/hybrid-cloud-connectivity-azure-p2s-vpn-s2s-from-azure-to-aws\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.navisite.com\/blog\/hybrid-cloud-connectivity-azure-p2s-vpn-s2s-from-azure-to-aws\/\"},\"author\":{\"name\":\"Megan Ferringer\",\"@id\":\"https:\/\/www.navisite.com\/#\/schema\/person\/99bad6e33cc6d3ac27337400026e4a9f\"},\"headline\":\"Hybrid Cloud Connectivity: Azure P2S VPN, S2S from Azure to AWS\",\"datePublished\":\"2018-05-18T15:27:48+00:00\",\"dateModified\":\"2020-01-08T04:24:35+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.navisite.com\/blog\/hybrid-cloud-connectivity-azure-p2s-vpn-s2s-from-azure-to-aws\/\"},\"wordCount\":1197,\"publisher\":{\"@id\":\"https:\/\/www.navisite.com\/#organization\"},\"keywords\":[\"Active Directory Server\",\"AWS\",\"Azure\",\"Azure P2S\",\"Azure P2S VPN\",\"Azure Remote User Connectivity\",\"Azure Resource Group\",\"Azure S2S VPN\",\"Azure to AWS\",\"Azure Virtual Network\",\"Elite 5-Star Managed Services\",\"IPSec VPN\",\"Multicloud Connectivity\",\"Navisite\",\"RADIUS Server\",\"StrongSwan\",\"Ubuntu\",\"Windows Server\"],\"articleSection\":[\"Blog\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.navisite.com\/blog\/hybrid-cloud-connectivity-azure-p2s-vpn-s2s-from-azure-to-aws\/\",\"url\":\"https:\/\/www.navisite.com\/blog\/hybrid-cloud-connectivity-azure-p2s-vpn-s2s-from-azure-to-aws\/\",\"name\":\"Hybrid Cloud Connectivity: Azure P2S VPN, S2S from Azure to AWS - Navisite\",\"isPartOf\":{\"@id\":\"https:\/\/www.navisite.com\/#website\"},\"datePublished\":\"2018-05-18T15:27:48+00:00\",\"dateModified\":\"2020-01-08T04:24:35+00:00\",\"description\":\"1.\u00a0 Summary: Hybrid Cloud Connectivity - Azure P2S VPN This is the fifth blog in the Azure Networking Blog series, and focuses on Azure P2S VPN\",\"breadcrumb\":{\"@id\":\"https:\/\/www.navisite.com\/blog\/hybrid-cloud-connectivity-azure-p2s-vpn-s2s-from-azure-to-aws\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.navisite.com\/blog\/hybrid-cloud-connectivity-azure-p2s-vpn-s2s-from-azure-to-aws\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.navisite.com\/blog\/hybrid-cloud-connectivity-azure-p2s-vpn-s2s-from-azure-to-aws\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.navisite.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Hybrid Cloud Connectivity: Azure P2S VPN, S2S from Azure to AWS\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.navisite.com\/#website\",\"url\":\"https:\/\/www.navisite.com\/\",\"name\":\"Navisite\",\"description\":\"Elevate Your Cloud Journey\",\"publisher\":{\"@id\":\"https:\/\/www.navisite.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.navisite.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.navisite.com\/#organization\",\"name\":\"Navisite\",\"url\":\"https:\/\/www.navisite.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.navisite.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.navisite.com\/wp-content\/uploads\/2020\/02\/logo.svg\",\"contentUrl\":\"https:\/\/www.navisite.com\/wp-content\/uploads\/2020\/02\/logo.svg\",\"width\":1,\"height\":1,\"caption\":\"Navisite\"},\"image\":{\"@id\":\"https:\/\/www.navisite.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/twitter.com\/navisite\",\"https:\/\/www.instagram.com\/navisite\/\",\"https:\/\/www.linkedin.com\/company\/navisite\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.navisite.com\/#\/schema\/person\/99bad6e33cc6d3ac27337400026e4a9f\",\"name\":\"Megan Ferringer\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.navisite.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/www.navisite.com\/wp-content\/uploads\/2021\/02\/IMG-0529-150x150.jpg\",\"contentUrl\":\"https:\/\/www.navisite.com\/wp-content\/uploads\/2021\/02\/IMG-0529-150x150.jpg\",\"caption\":\"Megan Ferringer\"},\"description\":\"Megan is the Content Marketing Manager at Navisite with more than 10 years of experience helping brands discover and tell their stories. From working at a global non-profit organization to boutique marketing agencies in Chicago, she champions the power of storytelling across all industries.\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Hybrid Cloud Connectivity: Azure P2S VPN, S2S from Azure to AWS - Navisite","description":"1.\u00a0 Summary: Hybrid Cloud Connectivity - Azure P2S VPN This is the fifth blog in the Azure Networking Blog series, and focuses on Azure P2S VPN","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.navisite.com\/blog\/hybrid-cloud-connectivity-azure-p2s-vpn-s2s-from-azure-to-aws\/","og_locale":"en_US","og_type":"article","og_title":"Hybrid Cloud Connectivity: Azure P2S VPN, S2S from Azure to AWS","og_description":"1.\u00a0 Summary: Hybrid Cloud Connectivity - Azure P2S VPN This is the fifth blog in the Azure Networking Blog series, and focuses on Azure P2S VPN","og_url":"https:\/\/www.navisite.com\/blog\/hybrid-cloud-connectivity-azure-p2s-vpn-s2s-from-azure-to-aws\/","og_site_name":"Navisite","article_published_time":"2018-05-18T15:27:48+00:00","article_modified_time":"2020-01-08T04:24:35+00:00","author":"Megan Ferringer","twitter_card":"summary_large_image","twitter_creator":"@navisite","twitter_site":"@navisite","twitter_misc":{"Written by":"Megan Ferringer","Est. reading time":"8 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.navisite.com\/blog\/hybrid-cloud-connectivity-azure-p2s-vpn-s2s-from-azure-to-aws\/#article","isPartOf":{"@id":"https:\/\/www.navisite.com\/blog\/hybrid-cloud-connectivity-azure-p2s-vpn-s2s-from-azure-to-aws\/"},"author":{"name":"Megan Ferringer","@id":"https:\/\/www.navisite.com\/#\/schema\/person\/99bad6e33cc6d3ac27337400026e4a9f"},"headline":"Hybrid Cloud Connectivity: Azure P2S VPN, S2S from Azure to AWS","datePublished":"2018-05-18T15:27:48+00:00","dateModified":"2020-01-08T04:24:35+00:00","mainEntityOfPage":{"@id":"https:\/\/www.navisite.com\/blog\/hybrid-cloud-connectivity-azure-p2s-vpn-s2s-from-azure-to-aws\/"},"wordCount":1197,"publisher":{"@id":"https:\/\/www.navisite.com\/#organization"},"keywords":["Active Directory Server","AWS","Azure","Azure P2S","Azure P2S VPN","Azure Remote User Connectivity","Azure Resource Group","Azure S2S VPN","Azure to AWS","Azure Virtual Network","Elite 5-Star Managed Services","IPSec VPN","Multicloud Connectivity","Navisite","RADIUS Server","StrongSwan","Ubuntu","Windows Server"],"articleSection":["Blog"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.navisite.com\/blog\/hybrid-cloud-connectivity-azure-p2s-vpn-s2s-from-azure-to-aws\/","url":"https:\/\/www.navisite.com\/blog\/hybrid-cloud-connectivity-azure-p2s-vpn-s2s-from-azure-to-aws\/","name":"Hybrid Cloud Connectivity: Azure P2S VPN, S2S from Azure to AWS - Navisite","isPartOf":{"@id":"https:\/\/www.navisite.com\/#website"},"datePublished":"2018-05-18T15:27:48+00:00","dateModified":"2020-01-08T04:24:35+00:00","description":"1.\u00a0 Summary: Hybrid Cloud Connectivity - Azure P2S VPN This is the fifth blog in the Azure Networking Blog series, and focuses on Azure P2S VPN","breadcrumb":{"@id":"https:\/\/www.navisite.com\/blog\/hybrid-cloud-connectivity-azure-p2s-vpn-s2s-from-azure-to-aws\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.navisite.com\/blog\/hybrid-cloud-connectivity-azure-p2s-vpn-s2s-from-azure-to-aws\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.navisite.com\/blog\/hybrid-cloud-connectivity-azure-p2s-vpn-s2s-from-azure-to-aws\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.navisite.com\/"},{"@type":"ListItem","position":2,"name":"Hybrid Cloud Connectivity: Azure P2S VPN, S2S from Azure to AWS"}]},{"@type":"WebSite","@id":"https:\/\/www.navisite.com\/#website","url":"https:\/\/www.navisite.com\/","name":"Navisite","description":"Elevate Your Cloud Journey","publisher":{"@id":"https:\/\/www.navisite.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.navisite.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.navisite.com\/#organization","name":"Navisite","url":"https:\/\/www.navisite.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.navisite.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.navisite.com\/wp-content\/uploads\/2020\/02\/logo.svg","contentUrl":"https:\/\/www.navisite.com\/wp-content\/uploads\/2020\/02\/logo.svg","width":1,"height":1,"caption":"Navisite"},"image":{"@id":"https:\/\/www.navisite.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/twitter.com\/navisite","https:\/\/www.instagram.com\/navisite\/","https:\/\/www.linkedin.com\/company\/navisite"]},{"@type":"Person","@id":"https:\/\/www.navisite.com\/#\/schema\/person\/99bad6e33cc6d3ac27337400026e4a9f","name":"Megan Ferringer","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.navisite.com\/#\/schema\/person\/image\/","url":"https:\/\/www.navisite.com\/wp-content\/uploads\/2021\/02\/IMG-0529-150x150.jpg","contentUrl":"https:\/\/www.navisite.com\/wp-content\/uploads\/2021\/02\/IMG-0529-150x150.jpg","caption":"Megan Ferringer"},"description":"Megan is the Content Marketing Manager at Navisite with more than 10 years of experience helping brands discover and tell their stories. From working at a global non-profit organization to boutique marketing agencies in Chicago, she champions the power of storytelling across all industries."}]}},"publishpress_future_action":{"enabled":false,"date":"1970-01-01 00:00:00","action":"","terms":[],"taxonomy":"","browser_timezone_offset":0},"_links":{"self":[{"href":"https:\/\/www.navisite.com\/wp-json\/wp\/v2\/posts\/250"}],"collection":[{"href":"https:\/\/www.navisite.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.navisite.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.navisite.com\/wp-json\/wp\/v2\/users\/114"}],"replies":[{"embeddable":true,"href":"https:\/\/www.navisite.com\/wp-json\/wp\/v2\/comments?post=250"}],"version-history":[{"count":0,"href":"https:\/\/www.navisite.com\/wp-json\/wp\/v2\/posts\/250\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.navisite.com\/wp-json\/"}],"wp:attachment":[{"href":"https:\/\/www.navisite.com\/wp-json\/wp\/v2\/media?parent=250"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.navisite.com\/wp-json\/wp\/v2\/categories?post=250"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.navisite.com\/wp-json\/wp\/v2\/tags?post=250"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}