- Provisioned an Azure Virtual Network (VNet) in a selected region and created multiple subnets (WebApp, Database, Admin) to logically segregate resources.
- Simulated an on-premises environment using a secondary VNet in US West 3.
- Implemented an Azure VPN Gateway to establish a site-to-site VPN between the simulated on-premises VNet and the main Azure VNet. Verified connectivity to enable hybrid communication and configured VNet peering for seamless resource access.
- Deployed test virtual machines in each subnet, including a CentOS client in the Admin Subnet and a database in the Database Subnet.
- Configured Network Security Groups (NSGs) to control inbound and outbound traffic, allowing only valid connections—HTTP/HTTPS for WebApp Subnet, MySQL for Database Subnet. Removed public IPs on VMs and implemented an Azure Bastion Host on the admin VNet for secure RDP/SSH access.
- Deployed a MySQL database with custom DNS configuration, and used Azure Load Balancer to distribute traffic internally. Configured an internal load balancer for the database subnet and implemented Azure Private Link to securely access the database over a private endpoint, preventing exposure to the public internet.