
Step 4: Create a static route table in Azure

Add a table of branch routes and internet routes to the primary VPN gateway and associate the route table with any required subnets. For more information, see Azure: Create, change, or delete a route table.

  1. In the Azure admin portal, navigate to Overview > Resource group (click the name of your resource group) > + Create.
  2. Search the marketplace for Route table, then click Create.
  3. Configure the Basics tab of the route table.
    1. Select the Subscription and Resource group of your virtual network.
  4. Review the configuration, then click Create. Azure will deploy the route table and update the dashboard when deployment is complete.
  5. Navigate to Overview > Resource group (click the name of your resource group) > Resources, then click the name of your route table.
  6. Click + Add.

  7. Configure a route.
    1. Route name: The example in the image is Internet.
    2. Destination type: IP Addresses.
    3. Destination IP addresses/CIDR ranges: Enter the IP ranges for branch sites configured as address spaces for Azure local network gateways. This example uses 209.165.201.0/27.
    4. Next hop type: Virtual appliance.
    5. Next hop address: Enter the first IP address returned by this Azure CloudShell command. In this example, the next hop address is 10.255.255.4.
    az network vnet-gateway show --resource-group <Resource Group Name> -n <VNET Gateway Name> | jq .bgpSettings.bgpPeeringAddress

    The CloudShell command returns the BGP peering addresses for the primary and secondary local network gateways.

    Because the static route points to the primary local network gateway connection, Azure routes all traffic to the primary DC via the primary S2S tunnel when both tunnels are up. When the primary tunnel is down, Azure routes all traffic to the secondary DC via the secondary S2S tunnel.

  8. Associate a subnet.
    1. Navigate to Settings > Subnets.
    2. Select the virtual network.
    3. Subnet: default.
    4. Click OK.
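
One way to check the result of this step from exported CLI output, as an added example that is not part of the original page: it takes the first address in bgpSettings.bgpPeeringAddress and confirms that every branch prefix has a Virtual appliance route to it and that the table is associated with a subnet. The JSON samples and the second and third branch prefixes are constructed, and the route table field names (addressPrefix, nextHopType, nextHopIpAddress, subnets) are assumed to match `az network route-table show` output.

```python
import ipaddress
import json

# Constructed sample of `az network vnet-gateway show` output (trimmed).
GATEWAY = json.loads('{"bgpSettings": {"bgpPeeringAddress": "10.255.255.4,10.255.255.5"}}')
# Constructed sample of `az network route-table show` output (trimmed, field names assumed).
ROUTE_TABLE = json.loads("""{
  "routes": [
    {"name": "Internet", "addressPrefix": "209.165.201.0/27",
     "nextHopType": "VirtualAppliance", "nextHopIpAddress": "10.255.255.4"},
    {"name": "Branch2", "addressPrefix": "209.165.202.128/27",
     "nextHopType": "VirtualAppliance", "nextHopIpAddress": "10.255.255.5"}
  ],
  "subnets": [{"id": "<constructed-vnet-id>/subnets/default"}]
}""")


def first_peering_address(gateway):
    """Return the first address of the comma-separated bgpPeeringAddress value."""
    raw = gateway["bgpSettings"]["bgpPeeringAddress"]
    return str(ipaddress.ip_address(raw.split(",")[0].strip()))  # ValueError if malformed


def _norm(prefix):
    """Normalize a CIDR range; leave non-CIDR prefixes (e.g. service tags) untouched."""
    try:
        return str(ipaddress.ip_network(prefix, strict=False))
    except ValueError:
        return prefix


def audit_route_table(gateway, table, branch_prefixes):
    """Return a list of findings; an empty list means the table matches this step."""
    expected = first_peering_address(gateway)
    routes = {_norm(r["addressPrefix"]): r for r in table.get("routes", [])}
    findings = []
    for prefix in branch_prefixes:
        route = routes.get(_norm(prefix))
        if route is None:
            findings.append(f"{prefix}: no route")
        elif route.get("nextHopType") != "VirtualAppliance":
            findings.append(f"{prefix}: next hop type is {route.get('nextHopType')}")
        elif route.get("nextHopIpAddress") != expected:
            findings.append(f"{prefix}: next hop {route.get('nextHopIpAddress')}, expected {expected}")
    if not table.get("subnets"):
        findings.append("route table is not associated with any subnet")
    return findings
```

Calling `audit_route_table(GATEWAY, ROUTE_TABLE, [...])` with the branch ranges configured on the local network gateways lists any prefix that would bypass the primary tunnel or has no route at all.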