Peering Virtual Networks

Peering enables services from different virtual networks to communicate with one another using private IP addresses. This section discusses how to peer two Azure virtual networks; for instance, peering an AKS virtual network with a SmartConnector or other ArcSight product.

You should consult the Azure documentation on peering virtual networks for precise commands. The procedure here is provided as an example. In this peering example, we use the Azure Cloud Shell to peer the virtual network (vnet) demo-vnet, from the resource group srg-demo, with the virtual network qaprg-vnet, from the resource group qaprg.

To set up peering between these two example virtual networks using the Azure Cloud Shell:

  1. Obtain the ID for the virtual network demo-vnet from resource group srg-demo, and store it in the variable vNet1Id:
    vNet1Id=$(az network vnet show --resource-group srg-demo --name demo-vnet --query id --out tsv)
  2. Obtain the ID for the virtual network qaprg-vnet from resource group qaprg, and store it in the variable vNet2Id:
    vNet2Id=$(az network vnet show --resource-group qaprg --name qaprg-vnet --query id --out tsv)
  3. Establish peering from the vnet demo-vnet in resource group srg-demo to the remote virtual network (ID in $vNet2Id) with the following command:
    az network vnet peering create --name demo-vnet-to-qaprg-vnet --resource-group srg-demo --vnet-name demo-vnet --remote-vnet $vNet2Id --allow-vnet-access

The value of the name parameter is symbolic. You can choose any value for it.

  4. To establish a connection, you must establish peering from qaprg-vnet to demo-vnet. Run the following command:
    az network vnet peering create --name qaprg-vnet-to-demo-vnet --resource-group qaprg --vnet-name qaprg-vnet --remote-vnet $vNet1Id --allow-vnet-access
  5. To verify the establishment of peering, run the following command:
    az network vnet peering show --name demo-vnet-to-qaprg-vnet --resource-group srg-demo --vnet-name demo-vnet --query peeringState
     Change the name to the same name used in Step 4, and use your vnet and resource group.
  6. If peering has been established successfully, then Connected is returned.
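
The following script is an added example, not part of the original procedure or the product documentation. It audits both sides of the peering in one pass instead of querying a single peeringState. The function names are hypothetical, the sample row is constructed, and flagging forwarded traffic and gateway transit is a check chosen for this example because the procedure above enables only virtual network access.

```bash
# Rows are tab-separated: name, peeringState, allowVirtualNetworkAccess,
# allowForwardedTraffic, allowGatewayTransit.

# Read rows on stdin, print one finding per problem, return 1 if any finding.
audit_peering_rows() {
  awk -F'\t' '
    NF == 0 { next }
    { state = $2; access = tolower($3); fwd = tolower($4); gw = tolower($5) }
    # Initiated means only one direction exists (step 4 has not been run).
    state == "Initiated" { print "FAIL " $1 ": Initiated, reverse peering not created yet"; bad = 1; next }
    state != "Connected" { print "FAIL " $1 ": state is " state; bad = 1; next }
    access != "true"     { print "FAIL " $1 ": virtual network access is disabled"; bad = 1 }
    # Settings the procedure never turned on widen what the peer can reach.
    fwd == "true"        { print "WARN " $1 ": forwarded traffic allowed"; bad = 1 }
    gw == "true"         { print "WARN " $1 ": gateway transit allowed"; bad = 1 }
    END { exit bad + 0 }
  '
}

# List the peerings of one vnet with the Azure CLI (requires az and a login).
list_peering_rows() {  # args: resource-group vnet-name
  az network vnet peering list --resource-group "$1" --vnet-name "$2" \
    --query "[].[name, peeringState, allowVirtualNetworkAccess, allowForwardedTraffic, allowGatewayTransit]" \
    --output tsv
}

# Audit both example vnets from this page; substitute your own names.
audit_live() {
  { list_peering_rows srg-demo demo-vnet
    list_peering_rows qaprg qaprg-vnet; } | audit_peering_rows
}

# Constructed sample (not real output): step 3 done, step 4 skipped.
sample_rows() {
  printf 'demo-vnet-to-qaprg-vnet\tInitiated\ttrue\tfalse\tfalse\n'
}

# Offline demonstration on the constructed sample.
sample_rows | audit_peering_rows || true
```

In Cloud Shell, run audit_live after step 4; it prints nothing and returns 0 when both directions are Connected with only virtual network access enabled.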