Pureport supports private connectivity to Microsoft Azure via the Microsoft Azure Partner program. Pureport allows you to establish Layer 3 connectivity (via BGP) to your Pureport Network without having to specify Autonomous System Numbers or IP networks for the peering connections. The Pureport Multicloud Fabric does this for you.


To use Pureport to connect to Azure via ExpressRoute, perform the steps to set up an ExpressRoute circuit and then provision the Connection in your Pureport Network:

  1. Generate a Service Key in the Azure Portal
  2. Create a new Connection in the Pureport Console
  3. Confirm circuit is up/up on the Azure side
  4. Configure private peering for an ExpressRoute Circuit
  5. Link a VNet to an ExpressRoute circuit

Once these steps are complete, you will move on to the article Configuring Azure Private Peering.


Prerequisites

Before you begin:

  • Ensure that you have access to the Azure portal.
  • Ensure that you have permissions to create new networking resources. Contact your account administrator if you do not have the right permissions.
  • In order to use the ExpressRoute circuit you will need to have an Azure vNet and an Virtual Network Gateway provisioned in your Azure environment.



Creating your Azure ExpressRoute Circuit and Service Key

For complete information, refer to the Azure documentation site.

  1. Sign into the Azure Portal.

  2. To create a new ExpressRoute Circuit, select Create a resource > Networking > ExpressRoute. You can alternatively search for ExpressRoute in the search bar.
    Note: If ExpressRoute is not listed, use the Search field to find the ExpressRoute option.

  3. Complete the fields on the Create ExpressRoute Circuit page. 
  4. Complete each field on the on the Create ExpressRoute Circuit page. Be aware of the following special fields and values:
    • Circuit Name: give the circuit a descriptive name
    • Provider: Select Equinix 
          Note: Although Pureport is the Connectivity Provider, Equinix is the Ethernet Exchange Provider. For complete information, see "ExpressRoute connectivity providers" in the Azure documentation.
    • Peering location: The Azure peering location must match the Pureport location you will choose in the next step via the Pureport console. For a list of supported locations see Pureport Locations and Cloud Regions.
    • Bandwidth: The speed of the circuit. This must match the speed you will select in the next step via the Pureport console.
    • SKU: Standard is adequate for most needs.
    • Billing Model: for most purposes, Metered is a better choice than unlimited. See the ExpressRoute pricing page for more information.
    • Resource Group:  select the appropriate Azure resource group
    • Location: The Azure Region for this connection. In general, this should match the region where the target vNet is deployed. For a list of supported regions, see Pureport Locations and Cloud Regions.

  5. Click Create.


To review the properties of the new circuit:

  1.  Select All Resources.
    Tip: Use the filters to easily find a specific resource.

  2. Select the circuit. The system displays its properties. NOTE: If the Azure portal displays an error message stating "Invalid ExpressRoute state" the circuit is still being provisioned and should be available shortly.


Note: Use the Copy icon to copy your Service Key number to your PC's clipboard. You will need to complete the provisioning process in the Pureport Console.
 



Create an Azure ExpressRoute Connection in the Pureport Console

Use this procedure to create a new connection:

  1. Login to the Pureport Console using an account with an appropriate Role. At a minimum you will need the Create and Update permissions for Networks. For more information on Roles, see the Accounts, Members and Roles article.

  2. In the left navigation bar, select Networks.


  3. Select the network you wish to add the connection to Azure.
    To create a new network for this connection, see Creating a Network.

  4. Select Add Connection... in the upper right of the console or click the location on the network map.


  5. In the New Connection page, select Azure ExpressRoute as the connection Type, then click Next.


  6. Select which Azure Cloud Region you specified in the "Location" field when you created the ExpressRoute circuit above, and click Next.


  7. Select the Pureport location which matches the "Peering Location" you specified in the Azure portal above, and click Next.


  8. Select the Speed of the connection. This must match the bandwidth you selected when creating the ExpressRoute Circuit.
    Microsoft Azure supports only redundant connections via ExpressRoute, so High Availability cannot be disabled for ExpressRoute connections.


  9. Enter your Azure Service Key (that you copied earlier from the Azure portal) and click Next.


  10. For the BGP settings, enter the Azure default ASN number, 12076, and click Next.
  11. Optionally add any CIDR networks you may be connecting. Note, these are only used when subsequently connecting a policy-based VPN to your Pureport network and are completely optional. Click Next when finished. 
  12. You may also enable and configure Cloud Grade NAT if desired, as detailed in the Cloud Grade NAT knowledge-base article. Then click Next.

  13. Enter a meaningful Name and Description, then click Add Connection.


Confirm circuit is Enabled on the Azure portal

To review the properties of the circuit that you're interested, return to the Azure portal and check the Provider Status of the circuit.


Confirm that the Provider status is Provisioned.

Circuit and provider status



Configure Azure Private Peering

Once these steps are complete, you will move on to the article Configuring Azure Private Peering.

For complete information, see: https://docs.microsoft.com/en-us/azure/expressroute/expressroute-howto-routing-portal-resource-manager#private.


Link a VNet to an ExpressRoute circuit

From there you will move on to Link an Azure virtual network to an Expressroute circuit

For complete information, see:  https://docs.microsoft.com/en-us/azure/expressroute/expressroute-howto-linkvnet-portal-resource-manager.