Configure Azure DR for AWS Resources with VPN

Anoop Sabu 20 Reputation points
2025-10-31T08:43:51.75+00:00

We need to establish secure Site-to-Site VPN connectivity between our AWS and the Azure DR environment. Once the VPN is operational, we need to configure Azure Site Recovery (ASR).

Azure Site Recovery
An Azure native disaster recovery service. Previously known as Microsoft Azure Hyper-V Recovery Manager.

1 answer

  1. Siva shunmugam Nadessin 3,025 Reputation points Microsoft External Staff Moderator
    2025-11-04T23:31:18.0166667+00:00

    Hello Anoop Sabu,

    It looks like you're trying to set up a secure Site-to-Site VPN between AWS and the Azure disaster recovery environment, and then configure Azure Site Recovery (ASR) for your AWS EC2 instances.

    Here's What You Can Do:

    1. Establish the Site-to-Site VPN:

    On AWS:

    • Create a Virtual Private Gateway and a Customer Gateway. The Customer Gateway should point to the public IP address of your Azure VPN Gateway.

    On Azure:

    • Create a Virtual Network Gateway. Note down its public IP.
    • Set up a Local Network Gateway that points to the AWS Virtual Private Gateway's IP.
    • Create a connection between them, using a shared pre-shared key (PSK).

    This will establish an encrypted tunnel for secure communication.

    2. Configure Azure Site Recovery (ASR):

    • After the VPN connection is active, go to the Azure portal and create a Recovery Services Vault.
    • Set up replication for your AWS EC2 instances within this vault.
    • Install the Azure Site Recovery Mobility Service on each EC2 instance that you want to protect. This agent will manage the data replication from AWS to Azure continuously.

    3. Networking:

    • Be aware that ASR does not manage the VPN connection; you're responsible for its resilience.
    • Make sure to point ASR to the private IP addresses of your AWS VMs during replication setup, ensuring data flows securely through the VPN tunnel.

    Getting Started:

    Here’s a summarized checklist to help you with your setup:

    • VPN Configuration:
      • AWS: Create Virtual Private Gateway & Customer Gateway.
      • Azure: Set up Virtual Network Gateway & Local Network Gateway.
    • Connect: Establish the VPN connection with the shared PSK.
    • ASR Configuration:
      • Create Recovery Services Vault in Azure.
      • Install Mobility Service Agent on EC2 instances.
      • Set up replication for the EC2 instances.

    Key Point:

    You must ensure that the AWS VMs are correctly targeting the right IP addresses over the VPN for ASR to function correctly. If you encounter any connectivity issues, refer to the documentation on networking for troubleshooting.

    Reference Documents:

    Backup and data recovery for Azure Stack with the Infrastructure Backup Service

    Azure Site Recovery: Backup and restore virtual machines

    Configure disaster recovery setup for multiple Azure resources

    Migrate AWS VMs to Azure

    Hope this helps! If you have more questions or run into issues, feel free to reach out.

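A pre-flight check for the values used in the answer's steps, as an added example that is not part of the original answer or of any Microsoft or AWS tooling. It verifies that each gateway points at the other side's public IP, that both ends hold the same PSK, and that every replicated VM address is private and routed via the Local Network Gateway; the address-space overlap check goes beyond the answer. The plan layout, field names and sample addresses are assumptions made up for illustration.

```python
import hmac
import ipaddress

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def check_plan(plan):
    """Return the list of problems in a planned AWS<->Azure VPN + ASR setup."""
    aws, az, ip, problems = plan["aws"], plan["azure"], ipaddress.ip_address, []
    # AWS Customer Gateway must point at the Azure VPN gateway's public IP.
    if ip(aws["customer_gateway_ip"]) != ip(az["vpn_gateway_public_ip"]):
        problems.append("customer-gateway-mismatch")
    # Azure Local Network Gateway must point at the AWS side's public IP.
    if ip(az["local_network_gateway_ip"]) != ip(aws["vpn_public_ip"]):
        problems.append("local-network-gateway-mismatch")
    # Both ends need the same PSK; compare in constant time and never print it.
    if not hmac.compare_digest(aws["psk"].encode(), az["psk"].encode()):
        problems.append("psk-mismatch")
    # Added check (assumption, not from the answer): address spaces must not overlap.
    if ipaddress.ip_network(aws["vpc_cidr"]).overlaps(ipaddress.ip_network(az["vnet_cidr"])):
        problems.append("cidr-overlap")
    prefixes = [ipaddress.ip_network(p) for p in az["local_network_gateway_prefixes"]]
    for host in aws["replicated_vm_ips"]:
        addr = ip(host)
        # Replication sources must be private and routed through the VPN tunnel.
        if not any(addr in net for net in RFC1918):
            problems.append(f"not-private:{host}")
        elif not any(addr in net for net in prefixes):
            problems.append(f"not-routed-via-vpn:{host}")
    return problems

# Constructed sample plan with three deliberate mistakes; every value is made up.
SAMPLE_PLAN = {
    "aws": {
        "customer_gateway_ip": "198.51.100.10",
        "vpn_public_ip": "203.0.113.20",
        "psk": "constructed-example-key-A",
        "vpc_cidr": "10.20.0.0/16",
        "replicated_vm_ips": ["10.20.1.15", "203.0.113.77", "10.30.4.9"],
    },
    "azure": {
        "vpn_gateway_public_ip": "198.51.100.10",
        "local_network_gateway_ip": "203.0.113.20",
        "psk": "constructed-example-key-B",
        "vnet_cidr": "10.50.0.0/16",
        "local_network_gateway_prefixes": ["10.20.0.0/16"],
    },
}
```

Calling `check_plan(SAMPLE_PLAN)` returns one entry per mistake; an empty list means the planned values are consistent with each other, not that the tunnel is up.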