Hi All,
This is my first time configuring an S2S tunnel with Azure (from Cisco ASA) and I'm having a bit of trouble understanding the networks on Azure.
But I think my question is pretty simple.
- We have 1 Azure Portal where we will host different "environments", let's say: Test, Production, Development.
- Every environment will have its own subnet. To make it easy, let's say every environment will use a simple /24.
- We will need a connection to every environment through the IPsec tunnel.
Question 1: in this case, should I make 1 VNet with 1 big subnet (/22 in this case) and subnet that further under the "Subnets" section, or should I make 1 VNet with 3 different address spaces? I can't see what the difference is.
Question 2: for a VPN connection you need a GatewaySubnet. In this case, do I need a GatewaySubnet for every "environment"? Would I also need to make 3 separate IPsec tunnels? I'm having a hard time understanding the Azure side of the IPsec tunnel and how you specify "interesting" traffic. I can't seem to understand how a normal subnet and a GatewaySubnet cooperate, since you don't specify the normal subnet anywhere.
Thanks in advance!
Eric