Blog

Mulesoft

Setting up of VPC and VPN in Anypoint Platform - Complete Walkthrough (Azure Cloud)

# Written by Fathima Farzana,   Jan 15, 2021 4:25:33 PM

Introduction

MuleSoft’s CloudHub is a multi-tenant integration platform in the Cloud. CloudHub Virtual Private Cloud (VPC) allows you to create a virtual, private, and isolated network segment on AWS cloud to host your CloudHub workers. CloudHub VPC is part of CloudHub managed services which allows us to deploy, run and manage our applications in a dedicated and secure environment.

VPN stands for Virtual Private Network and Anypoint VPN creates a secure connection between CloudHub and Customer networks.

Walkthrough

Steps to create VPC:

  1. In your Runtime Manager, click on the VPCs and create VPC.
  2. Name the VPC and then choose a region closest to your data centre.
  3. Give the CIDR block size and range for the VPC. The block size that can be assigned for Anypoint VPC is 24 (256 IP addresses) and the largest 16 (65,536 IP addresses).
  4. addresses) and the largest 16 (65,536 IP addresses). Choose the environment and the business group.

Setting up of VPC and VPN

  1. Configure the firewall rules. MuleSoft provides four default firewall rules. Custom firewall rules can be used to allow specific IP ranges and ports. Setting up of VPC and VPN

  2. Click on create VPC

Setting up of VPC and VPN

  1. Now go to VPN and click on create VPN Setting up of VPC and VPN

  2. Name the VPN and choose the VPC from the dropdown. Setting up of VPC and VPN

  3. Remote IP Address needs to be taken from the resource that we create in Azure.

  4. First sign in to Microsoft Azure portal. (You can use the trial version for this walkthrough) https://portal.azure.com/

  5. Create a resource group.

A resource group is a container that holds related resources for an Azure solution. The resource group can include all the resources for the solution, or only those resources that you want to manage as a group. Setting up of VPC and VPN Setting up of VPC and VPN Setting up of VPC and VPN

  1. Open the resource group. Setting up of VPC and VPN

  2. Add a new Virtual Network and click on create. The resource group and region will come by default. Click on create and review and then create. Setting up of VPC and VPN Setting up of VPC and VPN Setting up of VPC and VPN

  3. Create a virtual network gateway. Give a name to the gateway and one for the Public IP address. And also choose the virtual network from the network. After clicking on create, it will take some time to generate the Public IP address. The same IP address is used as a Remote IP address for creating a VPN.

A virtual network gateway is composed of two or more VMs that are deployed to a specific subnet you create called the gateway subnet. Setting up of VPC and VPN Setting up of VPC and VPN Setting up of VPC and VPN

  1. Copy the public IP address. Setting up of VPC and VPN

  2. To get the value of CIDR, go to the Virtual Network created, click on the subnets in the left palette. Default and Gateway Subnet will be displayed. Copy the default subnet value and paste as the CIDR. Setting up of VPC and VPN Setting up of VPC and VPN Setting up of VPC and VPN

  3. The status, tunnel1 and tunnel2 will be PENDING. If successful then status will become AVAILABLE and tunnel1 and tunnel2 will be DOWN. If failed, both the tunnels would be pending and the status will be failed.

Setting up of VPC and VPN

  1. To make the tunnels UP in Azure, create Local Network Gateway for both the tunnels separately. Give a name to the gateway. The IP Address should be taken from the Local external IP address of Tunnel 1 in Anypoint Platform. The Address Space is the CIDR of the VPC.

A local network gateway is a specific object that represents your on-premises location (the site) for routing purposes.

Setting up of VPC and VPN Setting up of VPC and VPN

  1. Do the same for tunnel2. Setting up of VPC and VPN

  2. Now go to the Virtual Network Gateway in the left palette and select connections. Give a name for the connection. Make the connection type site-to-site IPsec. Choose the local network gateway from the drop-down. For Shared PSK Key, copy the value from the respective tunnel in the Anypoint Platform. Create for both the tunnels. Setting up of VPC and VPN Setting up of VPC and VPN Setting up of VPC and VPN Setting up of VPC and VPN

  3. Once both the connections are made perfectly then both the tunnels will be UP. Setting up of VPC and VPN

Hoorah!! Our task is completed. We have now successfully configured VPC and VPN (azure cloud) in the Anypoint Platform.

Hope this helps you

References

  1. https://blogs.mulesoft.com/api-integration/security/isolate-your-worker-instances-using-a-vpc/
  2. https://docs.microsoft.com/en-us/azure/vpn-gateway/tutorial-site-to-site-portal#:~:text=The local network gateway is,the site) for routing purposes
  3. https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-vpngateways