Integration between services helps take advantage of all your services’ features, but, without technical assistance, the integration process can prove challenging. Recently, one of our municipal customers wanted CivicWise integration service to communicate with their corporate network’s hosted Amanda Webservice API. This is a great example of how CivicWise simplified a complicated integration. Our integration service is an Azure function that watches a queue for messages and processes the messages to perform the integration. If you’re interested in what makes integrations like this possible, you’re in the right place. Note that we went further than the steps mentioned to productize this capability so that we can easily repeat it for all our municipal customers. To complete the communication process from our Azure Function to the municipal corporate network, we needed to set up a Site-2-Site VPN connection.
A Site-to-Site (s2s) VPN gateway connection is used to connect your on-premise network to Azure resources attached to an Azure Virtual network (VNET). A s2s VPN can be used for Azure Functions to communicate with resources on your on-premise network.
What is Amanda?
Amanda is a platform provided by Calytera (formerly CDSC) that provides solutions for government services. When it comes to municipalities, these services mostly involve permitting & compliance and licensing solutions. Integrating CivicWise with Amanda enables municipalities to take advantage of the best of Amanda and CivicWise’s services. This way municipalities can, for example, take advantage of the customizations enabled by CivicWise’s modern citizen facing portal and workflow capabilities with Amanda backing it as the primary repository for municipal data and legacy services.
Before You Begin
You will need a compatible VPN device. You can find more information about Azure compatible VPN devices from this Microsoft documentation. Note the following:
- Your device must support IPsec/IKE (IKEV1 or IKEV2).
- Your VPN must have an externally facing public IP address.
- The IP address range on your on-premise network that Azure will route traffic to. None of the subnets on your on-premise network can overlap with the VNET subnets that you want to connect to.
- Azure functions must run on the premium plan to be able to integrate with a VNet.
Setup the Site-to-Site VPN Connection
Set up the VPN device on the on-premise side. Note that the following information from the on-premise configuration is needed to setup the Azure side of the VPN.
Primary Gateway IP—The public IP address of the VPN
Pre-shared key – Key used to authenticate the peers during phase 1 of the VPN connection. This key will need to be provided when configuring the azure side of the VPN.
Create a VNet
Follow this Quickstart guide to create your Azure VNet.
Create the VPN Gateway
A VPN gateway is used when creating a connection to your on-premise network. Follow the Create a route-based VPN Gateway article to create the VPN Gateway. A few specifics to account for when creating the VPN Gateway:
- Gateway type – VPN
- VPN Type – Route based
- Sku – Use VpnGw1 or higher. Here you can see more details on the different VPN Gateway Sku’s.
- Public IP address – You will need a public IP address to create a VPN Gateway. You will need this public IP to be configured within your device settings as well.
Create the VPN Connection
Once Azure provisions the Gateway and public IP address for you, then you can proceed to set up the local gateway to complete the creation of the VPN Connection. To complete the local gateway setup, you will need the public IP address of the on-premise device and the address space(s) on the on-premise network that can connect via the VPN.
Configure the Azure Function App
An azure function app must be on a premium plan to be able to connect to a VNet. If you already do not have a function App, create one. To do this, go into the Function app platform settings and navigate to the ‘Networking’ settings.
Create a New Subnet
The subnet must have a minimum of 200 IP addresses to allow for the Function App to elastically scale. You will need to use a CIDR notation of /24 to allow the range of IP Addresses needed for the Function App.
Successful Integration with Amanda
If all the steps above were completed in full, your Amanda and CivicWise will be integrated. You can use these steps to integrate systems of your own or let us help you. Request a demo for an opportunity to learn more about the advantages of integrating CivicWise with other systems today