Azure VNET Peering with Transit

Question

Hi, I am new in Azure platform, I would like to ask if it is possible if I can transit into a region for me to reach my VNET to the other region?

REGION1VNET1 <-vnetpeer-> REGION2VNET2 <-vnetpeer-> REGION3VNET3

Can VNET1 can reach VNET3 transiting VNET2?

thank you

Answer 1

Hello FXE

I understand that you're trying to determine if you can connect three Azure virtual networks across multiple regions. Specifically, you want to check if VNET1 in REGION1 can communicate with VNET3 in REGION3 via VNET2 in REGION2.

This is possible using virtual network peering with transit. Here’s how to set it up:

• First, set up peering between VNET1 and VNET2, and then between VNET2 and VNET3.
• Configure a NVA or firewall in VNET2.
• When configuring the peering settings for VNET2, enable the setting that allows VNET1 to use VNET2’s gateway (if VNET2 has a gateway). This is essential for traffic from VNET1 to reach VNET3.
• And configure a route table on all subnets of VNET1 with the destination as the VNET3 address prefix and the next hop as NVA or firewall hosted in VNET2, and vice versa on VNET3 as well.
• Ensure the routes are correctly set to allow traffic to flow from VNET1 through VNET2 to VNET3. Azure will automatically add routes if gateway transit is enabled.

For more detailed steps, refer to the official Azure documentation: Use Azure Firewall to route a multi hub and spoke topology

Reference doc: https://learn.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-peering-gateway-transit?wt.mc_id=knowledgesearch_inproduct_azure-cxp-community-insider

---

Hope the above answer helps! Please let us know do you have any further queries. Please do not forget to "Accept the answer” and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.