- You must create the virtual WAN (vWAN) hub within your subscription via the Azure portal. Log in to the Azure portal.
- Click Create a new resource > Virtual WAN.
- Complete the fields as desired. The Name and Resource group fields do not support special characters or uppercase letters. Click Create.
- To enable branches to communicate with each other through the vWAN hub, go to Configuration and click Allow branch to branch traffic.
- Go to Hubs, then click +New Hub.
- In this example architecture, branch offices connect to the vWAN hub through IPsec VPN using site-to-site connectivity. This requires creating a VPN gateway. On the Site to site tab, create a VPN gateway.
Site-to-site connectivity uses the following settings. You can choose the gateway scale units depending on traffic needs.
On the Point to site tab, you can configure settings to connect end user devices to the vWAN hub using OpenVPN and other VPN clients. On the ExpressRoute tab, you can create an ExpressRoute gateway to connect ExpressRoutes to the vWAN hub. On the Routing tab, you can set up routing tables for advanced routing using the hub. Since the example architecture only pertains to site-to-site connection and does not use routing using the hub, point-to-site and ExpressRoute gateway creation and route tables will remain disabled.
- Click Create. Creating a vWAN hub can take up to 30 minutes.