Microsoft Azure

Using Azure PowerShell for easier Microsoft Azure VNet peering between resource groups

I was recently working on a setup where I had 2 Azure resource groups and could not get the virtual networks (VNets) to peer between them. I had Azure AD Domain Services in one resource group and a bunch of session host servers in another resource group. The portal kept throwing this error message when attempting to create a peering:

Failed to add virtual network peering
Failed to add virtual network peering ‘name of peering’. Error: error

Not very helpful right? If you see a nondescript error message like this while attempting to peer you can get around the issue using Azure PowerShell. PowerShell also gives you more descriptive error messages which can be clues to help you troubleshoot what’s wrong.

Advertisement. Scroll to continue reading.

1. First make sure to have Azure PowerShell installed locally or on a jump box. It is a set of cmdlets for PowerShell that will help you manage Azure ARM resources. You can read more on it here: https://docs.microsoft.com/en-us/powershell/azure/overview.
Windows 10 comes with PowerShell already so just open up an elevated PowerShell window and type:

Install-Module AzureRM -AllowClobber

It will tell you:

Advertisement. Scroll to continue reading.

You are installing the modules from an untrusted repository. If you trust this repository, change
its InstallationPolicy value by running the Set-PSRepository cmdlet.
Are you sure you want to install the modules from 'PSGallery'?

Just press “A” for Yes to All. Now load the AzureRM module for Resource Manager remote management by typing in:

Import-Module AzureRM

Advertisement. Scroll to continue reading.

Now you can type in:

Get-Module AzureRM -list | Select-Object Name,Version,Path

and it will output the Azure PowerShell version installed like this:

I also like to manage Azure AD so I usually also do:
Install-Module AzureAD
Import-Module AzureAD

Advertisement. Scroll to continue reading.

2. Now log into your Azure subscription from PowerShell. Type:

Login-AzureRmAccount

and a login box will popup. Just follow the prompts. Then PowerShell will show you the account you are logged in with:

3. Now for the VNet peering. You need to create 2 variables to store your VNet info in. My vnet2 is where my Azure ADDS VNet is in this example. My resource group is also specified here at the end:

Advertisement. Scroll to continue reading.

$vnet2 = Get-AzureRmVirtualNetwork -Name Azure-AD-DS-vnet -ResourceGroupName RG_Azure_AD_Domain_Services

now do the same for where you other VNet is. This is where my session hosts are in this example:
$vnet1 = Get-AzureRmVirtualNetwork -Name OtherRG-tenant-01-vnet -ResourceGroupName OtherRG-tenant-01

and it should look something like this as you type them in:

4. Now type the following to create your first peer. Pro tip, just press tab after the cmdlet and it will automatically add each switch as you go, no need to even type the first letter of the switch:

Advertisement. Scroll to continue reading.

Add-AzureRmVirtualNetworkPeering -Name AD-to-OtherRG -VirtualNetwork $vnet2 -RemoteVirtualNetworkId $vnet1.id

Then do it again but the other way so you have 2 way communication:

Add-AzureRmVirtualNetworkPeering -Name OtherRG-to-AD -VirtualNetwork $vnet1 -RemoteVirtualNetworkId $vnet2.id

Advertisement. Scroll to continue reading.

and you’re done! It should look something like this as you create each peer:

and your Azure Portal should say it’s Connected under Peering Status:

Hope this helps! Please leave a comment below if you have any questions.

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like

Apache

Today I would like to go over proper URL redirection when using SSL but first I would like to preface this by describing what...

Exchange 2003

A useful Exchange 2003 guide I wrote for a friend’s blog originally but I am posting it here on mine now for your viewing...

Citrix Workspace

You can use FIDO2 hardware security keys plugged into your physical desktop over the Citrix HDX remoting protocol for use with virtualized Windows Desktop...

Cloud Design Architecture

The community-driven paperback book initiated by my friends Bas van Kaam and Christiaan Brinkhoff is available for sale on Amazon. If you haven’t picked...

JasonSamuel.com was launched in 2008 as a platform to give back to the IT community by sharing knowledge and expertise. Over the years, it has become a trusted global resource for the latest insights, how-to guides, and forward-thinking leadership on enterprise mobility, security, virtualization, cloud architecture, automation, and other cutting-edge technologies. Today, it serves as a go-to reference hub for IT professionals, attracting hundreds of thousands of unique visitors from around the world each month. Learn more on the About Me page.
Copyright © 2008-2025 JasonSamuel.com

Exit mobile version