Forum Discussion
phantom2000
Feb 02, 2023 - Copper Contributor
ASR Failover network architecture
I'm new to Azure and I have a requirement to set up disaster recovery for an on-prem server. I am aware of the process of replicating the server to the cloud. However, I am not able to grasp how networ...
josequintino
Apr 19, 2023 - Iron Contributor
Hi phantom2000.
Setting up disaster recovery for an on-premises server using Azure Site Recovery (ASR) requires careful planning of your network architecture to ensure that, in the event of a failover, the communication between on-premises devices and the cloud server is maintained seamlessly. Here's a high-level overview of how you can set up the networking for this scenario:
Create a virtual network in Azure: Set up a virtual network (VNet) in Azure with an address space that does not overlap with your on-premises network's address space. For example, if your on-premises network is using the 172.x.x.x address space, you could use the 10.x.x.x address space for the Azure VNet.
Set up a VPN gateway in Azure: Create a virtual network gateway within the Azure VNet, which acts as the VPN endpoint in the Azure cloud. Configure it as a VPN gateway type and attach a public IP address to it.
Set up a VPN gateway on-premises: Configure a VPN gateway on your on-premises network. This could be a hardware VPN device or a software VPN solution such as Windows Server Routing and Remote Access Service (RRAS).
Establish a site-to-site (S2S) VPN connection: Set up a site-to-site VPN connection between the on-premises VPN gateway and the Azure VPN gateway. This will create a secure tunnel between your on-premises network and the Azure VNet, allowing devices in both networks to communicate with each other.
Configure Azure Site Recovery: Configure ASR to replicate your on-premises server to the Azure VNet. During the configuration, you can choose the Azure VNet and the appropriate subnet for the replicated server.
Update DNS settings: In the event of a failover, you will need to update the DNS settings for the devices in your on-premises network to point to the new IP address of the server in the Azure VNet. This can be done manually, or you can automate it using Azure Automation or another scripting tool.
When a failover occurs and your on-premises server is replicated to the Azure VNet, the cloud server will be assigned an IP address from the Azure VNet address space. Since you've established a site-to-site VPN connection between the Azure VNet and your on-premises network, devices in your on-premises network will be able to communicate with the cloud server using its new IP address through the VPN tunnel. Similarly, the cloud server will be able to communicate with devices in your on-premises network.
Keep in mind that this is a high-level overview, and your specific setup might require additional configuration or adjustments based on your unique requirements and network topology.
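The address-plan requirements from the reply above (a VNet range that does not overlap on-premises, and a subnet for the replicated server) can be checked before anything is deployed. This is an added example, not part of the original post: the function name and the sample prefixes are constructed, and the GatewaySubnet name and the reserved first-four/last addresses per subnet are Azure platform rules that the post does not mention.

```python
import ipaddress

# Azure reserves the first four addresses and the last address of every subnet.
AZURE_RESERVED_HEAD = 4

def check_failover_plan(onprem_prefixes, vnet_prefix, subnets, failover_ip, target_subnet):
    """Return a list of problems in the address plan (empty list = usable plan)."""
    problems = []
    vnet = ipaddress.ip_network(vnet_prefix)
    onprem = [ipaddress.ip_network(p) for p in onprem_prefixes]
    # Non-overlap rule: with an overlap, on-premises routers treat the
    # failed-over server's address as local instead of routing it to the tunnel.
    for net in onprem:
        if vnet.overlaps(net):
            problems.append(f"VNet {vnet} overlaps on-premises range {net}")
    parsed = {name: ipaddress.ip_network(cidr) for name, cidr in subnets.items()}
    for name, net in parsed.items():
        if not net.subnet_of(vnet):
            problems.append(f"subnet {name} ({net}) is outside VNet {vnet}")
    names = sorted(parsed)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            if parsed[a].overlaps(parsed[b]):
                problems.append(f"subnets {a} and {b} overlap")
    # The VPN gateway is deployed into a subnet that must be named GatewaySubnet.
    if "GatewaySubnet" not in parsed:
        problems.append("no GatewaySubnet defined for the VPN gateway")
    # The address chosen for the replicated server must be assignable.
    if target_subnet not in parsed:
        problems.append(f"target subnet {target_subnet} is not in the plan")
    else:
        net, ip = parsed[target_subnet], ipaddress.ip_address(failover_ip)
        if ip not in net:
            problems.append(f"failover IP {ip} is not in {target_subnet} ({net})")
        elif int(ip) - int(net.network_address) < AZURE_RESERVED_HEAD or ip == net.broadcast_address:
            problems.append(f"failover IP {ip} is reserved by Azure in {net}")
    return problems

# Constructed sample plans (not taken from the thread).
GOOD = dict(onprem_prefixes=["172.16.0.0/16"], vnet_prefix="10.10.0.0/16",
            subnets={"GatewaySubnet": "10.10.255.0/27", "dr-servers": "10.10.1.0/24"},
            failover_ip="10.10.1.10", target_subnet="dr-servers")
BAD = dict(onprem_prefixes=["172.16.0.0/16", "10.10.0.0/20"], vnet_prefix="10.10.0.0/16",
           subnets={"dr-servers": "10.10.1.0/24"},
           failover_ip="10.10.1.3", target_subnet="dr-servers")

if __name__ == "__main__":
    for label, plan in (("good", GOOD), ("bad", BAD)):
        print(label, check_failover_plan(**plan) or "OK")
```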