VNet peering is a great way of connecting two separate VNets with a low-latency link over Azure's backbone.


The setup: two VNets in separate regions, eBGP between the sites, and an IPsec tunnel between on-prem and the Azure VNet in UK South.

Configure the peering link to allow route propagation

az network vnet peering update -g MyResourceGroup -n MyVnet1ToMyVnet2 --vnet-name MyVnet1 --set allowGatewayTransit=true
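
Gateway transit only takes effect once the peering in the opposite direction sets useRemoteGateways=true, so the command above covers one side of the pair. The following added example (not from the original post) audits both sides from JSON in the shape that `az network vnet peering list -o json` returns; the sample data, the reverse peering name MyVnet2ToMyVnet1 and the shortened resource IDs are constructed for illustration.

```python
import json

# Constructed sample in the shape of `az network vnet peering list -o json`,
# keyed by the VNet each list was read from. Resource IDs are placeholders.
PEERINGS = json.loads("""
{
  "MyVnet1": [{"name": "MyVnet1ToMyVnet2", "peeringState": "Connected",
               "allowGatewayTransit": true, "useRemoteGateways": false,
               "remoteVirtualNetwork": {"id": "/placeholder/virtualNetworks/MyVnet2"}}],
  "MyVnet2": [{"name": "MyVnet2ToMyVnet1", "peeringState": "Connected",
               "allowGatewayTransit": false, "useRemoteGateways": false,
               "remoteVirtualNetwork": {"id": "/placeholder/virtualNetworks/MyVnet1"}}]
}
""")


def remote_name(peering):
    """Last path segment of the remote VNet resource ID."""
    return peering["remoteVirtualNetwork"]["id"].rsplit("/", 1)[-1]


def audit_transit(peerings_by_vnet):
    """For every peering that offers gateway transit, report whether the
    reverse peering consumes it. Returns (hub, spoke, status) tuples."""
    results = []
    for hub, peerings in sorted(peerings_by_vnet.items()):
        for p in peerings:
            if not p.get("allowGatewayTransit"):
                continue  # this side does not offer its gateway
            spoke = remote_name(p)
            reverse = [r for r in peerings_by_vnet.get(spoke, [])
                       if remote_name(r) == hub]
            if not reverse:
                status = "no reverse peering found"
            elif "Connected" not in (p["peeringState"],) or \
                    reverse[0]["peeringState"] != "Connected":
                status = "peering not Connected"
            elif not reverse[0].get("useRemoteGateways"):
                status = "spoke does not set useRemoteGateways"
            else:
                status = "gateway routes propagate"
            results.append((hub, spoke, status))
    return results


if __name__ == "__main__":
    for row in audit_transit(PEERINGS):
        print(*row, sep=" | ")
```

Running the same audit across every VNet in a subscription also gives an inventory of which networks are reachable from on-prem through a shared gateway.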


The on-prem firewall learns all routes from the VNets in UK South and UK West:

asa01-croxdengardens# sh bgp  | i
*>                         0  65001 i
*>              0         32768  ?
*>                         0  65001 i
*>                         0  65001 i
*>                         0  65001 i

