Creating a VNet2VNet connection is not a tough task. To create it, you need to perform the following steps:

1. Firstly, you need to create a virtual network gateway to act as a VPN device for each virtual network.
2. Search for virtual network gateway, as shown in the following screenshot:

3. Once clicked on Virtual network gateways, a new pane will be opened where you can view all the created virtual network gateways (if any), and create new virtual gateways, as shown in the following screenshot:

4. To create a new virtual network gateway, click on Add, and a new blade will pop up in which you have to specify the following:
   • Name: Specify a name for the virtual network gateway.
   • Gateway type: There are two supported gateway types in Azure; VPN or ExpressRoute, and for the purpose of the current scenario VPN will be selected. (More information about ExpressRoute will be covered later in the chapter).
   • VPN type: Specify whether it will be Route-based, which uses dynamic routing, or Policy-based, which uses static routing. The route-based type will fit for almost every scenario.
   • SKU: Specify the SKU that would fit your scenario. Azure offers four VPN gateway SKUs, and every SKU has a different specification.
   • Enable active-active mode: If you selected any SKU other than the basic tier, you can enable this mode. If enabled, you will have to specify two gateway IP configurations with two public IP addresses.
   • Virtual network: Specify the virtual network for which you want to create a virtual network gateway.
   • First IP configuration: Specify whether you want to create a new public IP address or you want to select an existing one that is not associated with other services.
   • Configure BGP ASN: This option is available for route-based VPNs with SKUs other than basic, and it provides automatic and flexible network updates between different VNets.
   • Subscription: Specify the subscription that will be charged for this service usage.
   • Location: Specify the location at which this service will be built:

5. Then, you need to create another virtual network gateway, but this time it will be for the other virtual network.
6. Once you are done, you can navigate to one of the virtual network gateways you have created, and under SETTINGS, click on Connections, as shown in the following screenshot:

7. Click on Add, and a new blade will pop up where you have to specify the following:
   • Name: The name of the connection.
   • Connection type: Select VNet-to-VNet for this scenario. There are two other types that will be discussed later.
   • First virtual network gateway: This connection is added by default for the virtual network gateway on which you have opened the Connections blade.
   • Second virtual network gateway: Specify the other virtual network gateway.
   • Shared key (PSK): A mixture of letters and numbers used to establish the connection between the two virtual network gateways. It is recommended that you make it as complex as possible, but keep a copy of it as it will be needed later:

8. You have to do the same thing on the other virtual network connection. As a result, the connection will be successfully established between the two VNets, and the status of the connections will be Connected, as shown in the following screenshot: