Create Express Route connection
You must create an ExpressRoute connection following the steps below:
-
Type expressroute in the search bar and press enter from the keyboard.
-
Click Create.
-
Enter the required details to create the ExpressRoute connection. Create a new resource group or add to the existing in the Basics tab.
-
Select an appropriate region from the dropdown list and enter a name in the Instance details section.
-
Go to Configuration tab and configure ExpressRoute.
- Port Type: Provider
- Create New or Import from classic: Create new
- Provider: Equinix
- Peering location: Washington DC (For US East)
- Bandwidth: 50Mbps
- SKU: Standard
- Billing model: Metered
-
Go to Review + create tab, review the details, and click Create.
-
Once complete, the following screen should appear.
“Your deployment is complete” message displays.
-
Click Go to resource.
-
Copy Service key.
a. The Provider Status displays “Not Provisioned”.
b. Share the Service Key with Thales in the [On-boarding form]{hyperlink}.
c. Thales initiates the process to Provision the Azure ExpressRoute.
d. Thales provides you with an update about the connection setup.Once you receive the setup confirmation from Thales, you must complete the ExpressRoute setup.
After the connection is established, the Provider status changes to Provisioned as highlighted in the image below.
-
To create Peerings, select Peerings and then select Azure private.
The following screen appears.
• Peer ASN:
Region Data Center Peer ASN US East US DC13 65013 US East US CU02 65014 EU West NL AM02 65021 EU West DE FR04 65022 • Subnets: IPv4
• IPv4 Primary Subnet: E.g., 100.64.160.0/30
• IPv4 Secondary Subnet: E.g., 100.64.180.0/30
• VLAN ID: 201 -
Enter the IPv4 Primary and Secondary Subnet along with VLAN ID and share these with Thales to setup the BGP connection between Azure and the cloud subscription HSM in question.