Create a virtual network using the Azure portal

In this quickstart, you’ll learn how to create a virtual network using the Azure portal. You deploy two virtual machines (VMs). Next, you securely communicate between VMs and connect to VMs from the internet. A virtual network is the fundamental building block for your private network in Azure. It enables Azure resources, like VMs, to securely communicate with each other and with the internet.

Prerequisites

Sign in to Azure

Sign in to the Azure portal.

Create a virtual network

  1. Select Create a resource in the upper left-hand corner of the portal.
  2. In the search box, enter Virtual Network. Select Virtual Network in the search results.
  3. In the Virtual Network page, select Create.
  4. In Create virtual network, enter or select this information in the Basics tab:
     Project details
       Subscription: Select your subscription.
       Resource group: Select myResourceGroup.
     Instance details
       Name: Enter myVNet.
       Region: Select (US) East US.
  5. Select the IP Addresses tab, or select the Next: IP Addresses button at the bottom of the page, and enter the following information, then select Add:
     IPv4 address space: Enter 10.1.0.0/16.
     Add subnet
       Subnet name: Enter MySubnet.
       Subnet address range: Enter 10.1.0.0/24.
     Select Add.
  6. Select the Security tab, or select the Next: Security button at the bottom of the page.
  7. Under BastionHost, select Enable. Enter this information:
     Bastion name: Enter myBastionHost
     AzureBastionSubnet address space: Enter 10.1.1.0/24
     Public IP Address: Select Create new.
       For Name, enter myBastionIP.
       Select OK.
  8. Select the Review + create tab or select the Review + create button.
  9. Select Create.

Create virtual machines

Create two VMs in the virtual network:

Create the first VM

  1. On the upper-left side of the portal, select Create a resource > Compute > Virtual machine.
  2. In Create a virtual machine, type or select the values in the Basics tab:
     Project Details
       Subscription: Select your Azure subscription
       Resource Group: Select myResourceGroup
     Instance details
       Virtual machine name: Enter myVM1
       Region: Select (US) East US
       Availability Options: Select No infrastructure redundancy required
       Image: Select Windows Server 2019 Datacenter – Gen2
       Azure Spot instance: Select No
       Size: Choose VM size or take default setting
     Administrator account
       Username: Enter a username
       Password: Enter a password
       Confirm password: Reenter password
     Inbound port rules
       Public inbound ports: Select None.
  3. Select the Networking tab, or select Next: Disks, then Next: Networking.
  4. In the Networking tab, select or enter:
     Network interface
       Virtual network: Select myVNet.
       Subnet: Select mySubnet
       Public IP: Select None
       NIC network security group: Select Basic
       Public inbound ports network: Select None.
  5. Select the Review + create tab, or select the blue Review + create button at the bottom of the page.
  6. Review the settings, and then select Create.

Create the second VM

  1. On the upper-left side of the portal, select Create a resource > Compute > Virtual machine.
  2. In Create a virtual machine, type or select the values in the Basics tab:
     Project Details
       Subscription: Select your Azure subscription
       Resource Group: Select myResourceGroup
     Instance details
       Virtual machine name: Enter myVM2
       Region: Select (US) East US
       Availability Options: Select No infrastructure redundancy required
       Image: Select Windows Server 2019 Datacenter – Gen2
       Azure Spot instance: Select No
       Size: Choose VM size or take default setting
     Administrator account
       Username: Enter a username
       Password: Enter a password
       Confirm password: Reenter password
     Inbound port rules
       Public inbound ports: Select None.
  3. Select the Networking tab, or select Next: Disks, then Next: Networking.
  4. In the Networking tab, select or enter:
     Network interface
       Virtual network: Select myVNet.
       Subnet: Select mySubnet
       Public IP: Select None
       NIC network security group: Select Basic
       Public inbound ports network: Select None.
  5. Select the Review + create tab, or select the blue Review + create button at the bottom of the page.
  6. Review the settings, and then select Create.
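
A check on the result of the two VM deployments above, as an added example that is not part of the original quickstart: it confirms that no VM network interface has a public IP attached and that no network security group allows inbound traffic from any source. It assumes the Az PowerShell module and a session already signed in with Connect-AzAccount.

```powershell
# Added example: audit the NICs and NSGs created in this quickstart.
# Assumes the Az.Network module and an authenticated session (Connect-AzAccount).
$rg = 'myResourceGroup'

# 1. No VM network interface should carry a public IP (Public IP was set to None).
$nicFindings = foreach ($nic in Get-AzNetworkInterface -ResourceGroupName $rg) {
    foreach ($ipc in $nic.IpConfigurations) {
        [pscustomobject]@{
            Nic         = $nic.Name
            PrivateIp   = $ipc.PrivateIpAddress
            HasPublicIp = [bool]$ipc.PublicIpAddress
            Subnet      = ($ipc.Subnet.Id -split '/')[-1]
        }
    }
}

# 2. No custom NSG rule should allow inbound traffic from any source
#    (Public inbound ports was set to None).
$openSources = '*', '0.0.0.0/0', 'Internet'
$nsgFindings = foreach ($nsg in Get-AzNetworkSecurityGroup -ResourceGroupName $rg) {
    $nsg.SecurityRules |
        Where-Object {
            $_.Direction -eq 'Inbound' -and $_.Access -eq 'Allow' -and
            ($_.SourceAddressPrefix | Where-Object { $_ -in $openSources })
        } |
        Select-Object @{ n = 'Nsg'; e = { $nsg.Name } }, Name, Protocol,
                      @{ n = 'Ports'; e = { $_.DestinationPortRange -join ',' } }
}

# Report: NIC inventory first, then any findings.
$nicFindings | Format-Table
if ($nicFindings | Where-Object HasPublicIp) {
    Write-Warning 'A VM NIC has a public IP attached.'
}
if ($nsgFindings) {
    Write-Warning 'Custom inbound allow rules open to any source:'
    $nsgFindings | Format-Table
} else {
    'No custom inbound allow rules from any source.'
}
```

With the settings used in this quickstart, the only public IP in the resource group should be myBastionIP, which belongs to the Bastion host rather than to a VM.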

 Note

Azure provides a default outbound access IP for VMs that either aren’t assigned a public IP address or are in the back-end pool of an internal basic Azure load balancer. The default outbound access IP mechanism provides an outbound IP address that isn’t configurable.

The default outbound access IP is disabled when a public IP address is assigned to the VM, the VM is placed in the back-end pool of a standard load balancer, with or without outbound rules, or if an Azure Virtual Network NAT gateway resource is assigned to the subnet of the VM.

VMs that are created by virtual machine scale sets in flexible orchestration mode don’t have default outbound access.

For more information about outbound connections in Azure, see Default outbound access in Azure and Use source network address translation (SNAT) for outbound connections.

Connect to myVM1

  1. Go to the Azure portal to manage your private VM. Search for and select Virtual machines.
  2. Pick the name of your private virtual machine myVM1.
  3. In the VM menu bar, select Connect, then select Bastion.
  4. In the Connect page, select the blue Use Bastion button.
  5. In the Bastion page, enter the username and password you created for the virtual machine previously.
  6. Select Connect.

For more information about Azure Bastion, see Azure Bastion.

Communicate between VMs

  1. In the Bastion connection of myVM1, open PowerShell.
  2. Enter ping myVM2. You’ll get a reply message like this:

         PS C:\Users\myVM1> ping myVM2

         Pinging myVM2.ovvzzdcazhbu5iczfvonhg2zrb.bx.internal.cloudapp.net
         Request timed out.
         Request timed out.
         Request timed out.
         Request timed out.

         Ping statistics for 10.0.0.5:
             Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

     The ping fails, because it uses the Internet Control Message Protocol (ICMP). By default, ICMP isn’t allowed through your Windows firewall.
  3. To allow myVM2 to ping myVM1 in a later step, enter this command:

         New-NetFirewallRule -DisplayName "Allow ICMPv4-In" -Protocol ICMPv4

     That command lets ICMP inbound through the Windows firewall.
  4. Close the bastion connection to myVM1.
  5. Complete the steps in Connect to myVM1, but connect to myVM2.
  6. Open PowerShell on myVM2, enter ping myVM1. You’ll receive a successful reply message like this:

         Pinging myVM1.cs4wv3rxdjgedggsfghkjrxuqf.bx.internal.cloudapp.net [10.1.0.4] with 32 bytes of data:
         Reply from 10.1.0.4: bytes=32 time=1ms TTL=128
         Reply from 10.1.0.4: bytes=32 time=1ms TTL=128
         Reply from 10.1.0.4: bytes=32 time=1ms TTL=128
         Reply from 10.1.0.4: bytes=32 time=1ms TTL=128

         Ping statistics for 10.1.0.4:
             Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
         Approximate round trip times in milli-seconds:
             Minimum = 1ms, Maximum = 1ms, Average = 1ms
  7. Close the bastion connection to myVM2.
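
The firewall command in step 3 names only a protocol, so it allows every ICMPv4 message type from any remote address. A narrower rule for the same ping test, as an added example that is not part of the original quickstart: it permits only echo requests from the VM subnet and then reads the rule back to verify it. The rule display name is hypothetical; the subnet range is the one entered earlier.

```powershell
# Added example: scoped replacement for the broad "Allow ICMPv4-In" rule.
# Run in an elevated PowerShell session on myVM1.
$ruleName = 'Allow ICMPv4 echo from MySubnet'   # hypothetical display name
$subnet   = '10.1.0.0/24'                        # subnet address range from this quickstart

# Allow only echo requests (ICMP type 8), and only from the VM subnet.
New-NetFirewallRule -DisplayName $ruleName `
    -Direction Inbound -Action Allow `
    -Protocol ICMPv4 -IcmpType 8 `
    -RemoteAddress $subnet | Out-Null

# Verify what was actually created: protocol, ICMP type and allowed sources.
$rule = Get-NetFirewallRule -DisplayName $ruleName
[pscustomobject]@{
    Rule          = $rule.DisplayName
    Enabled       = $rule.Enabled
    Direction     = $rule.Direction
    Protocol      = ($rule | Get-NetFirewallPortFilter).Protocol
    IcmpType      = ($rule | Get-NetFirewallPortFilter).IcmpType
    RemoteAddress = ($rule | Get-NetFirewallAddressFilter).RemoteAddress
} | Format-List

# Remove the broad rule from step 3 if it was created earlier,
# so that only the scoped rule remains.
Get-NetFirewallRule -DisplayName 'Allow ICMPv4-In' -ErrorAction SilentlyContinue |
    Remove-NetFirewallRule

# When testing is finished, remove the scoped rule as well:
# Remove-NetFirewallRule -DisplayName $ruleName
```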

Clean up resources

In this quickstart, you created a default virtual network and two VMs.

You connected to one VM from the internet and securely communicated between the two VMs.

When you’re done using the virtual network and the VMs, delete the resource group and all of the resources it contains:

  1. Search for and select myResourceGroup.
  2. Select Delete resource group.
  3. Enter myResourceGroup for TYPE THE RESOURCE GROUP NAME and select Delete.
