- How does the virtual network gateway know to use the ER connection to get to the data centre, rather than the internet?
When you set up an ExpressRoute circuit, you'll need to configure a virtual network gateway in Azure and a corresponding router on your on-premises network. The gateway and router will establish a BGP peering session and exchange routing information. The router on your on-premises network will advertise the routes to your on-premises network over the ExpressRoute circuit, and the virtual network gateway in Azure will learn those routes and use the ExpressRoute circuit to reach the on-premises network.
- Where do I get the ASN for private peering? Is it something I can just make up?
The ASN for private peering is typically assigned by your Internet Service Provider (ISP) or telecommunications provider. You can't just make it up. You should be able to obtain the ASN from your provider when you request private peering.
- Do I need to have 2 IP addresses for the private peering at my office?
Yes, you'll need two IP addresses for private peering - one for your on-premises router's interface facing the ExpressRoute circuit, and one for your on-premises router's interface facing your on-premises network. These IP addresses should be in different subnets.
- Would I need to configure the VLAN ID on the WAN port in the office or is that just for Azure to use?
You'll need to configure the VLAN ID on the WAN port of your on-premises router. The VLAN ID is used to identify the traffic that is being sent over the ExpressRoute circuit, and it needs to match the VLAN ID that you configure in Azure when you set up the ExpressRoute circuit.
If the above response helps answer your question, remember to "Accept Answer" so that others in the community facing similar issues can easily find the solution. Your contribution is highly appreciated.
hth
Marcin