{"id":3882,"date":"2023-11-04T23:13:54","date_gmt":"2023-11-04T23:13:54","guid":{"rendered":"http:\/\/localhost:10003\/creating-and-managing-virtual-networks-in-azure\/"},"modified":"2023-11-05T05:48:29","modified_gmt":"2023-11-05T05:48:29","slug":"creating-and-managing-virtual-networks-in-azure","status":"publish","type":"post","link":"http:\/\/localhost:10003\/creating-and-managing-virtual-networks-in-azure\/","title":{"rendered":"Creating and managing virtual networks in Azure"},"content":{"rendered":"
Virtual networks (VNets) in Azure are a powerful tool for creating isolated, secure and scalable network environments for your applications. With virtual networks, you can control network traffic flow, customize IP address ranges, and connect virtual machines (VMs) and other resources securely. This tutorial will guide you through the process of creating and managing virtual networks in Azure.<\/p>\n
To follow this tutorial, you will need:<\/p>\n
To create a new virtual network in Azure, you need to define the IP address range and the subnet CIDR block. You can create a virtual network using the Azure Portal, Azure CLI, or Azure PowerShell. In this tutorial, we will use the Azure CLI to create the virtual network.<\/p>\n
az login\n<\/code><\/pre>\nThis command will open a web page where you can enter your Azure account credentials.<\/p>\n<\/li>\n
- \n
Create a resource group to host the virtual network. Run the following command:<\/p>\n
az group create --name myResourceGroup --location eastus\n<\/code><\/pre>\nReplace myResourceGroup<\/code> with a unique name for your resource group, and eastus<\/code> with your preferred Azure region.<\/p>\n<\/li>\n- \n
Create a virtual network with one subnet. Run the following command:<\/p>\n
az network vnet create --name myVnet --resource-group myResourceGroup --address-prefixes 10.0.0.0\/16 --subnet-name mySubnet --subnet-prefixes 10.0.0.0\/24\n<\/code><\/pre>\nReplace myVnet<\/code> with a unique name for your virtual network and mySubnet<\/code> with a unique name for your subnet.<\/p>\nThis command creates a virtual network with the IP address range of 10.0.0.0\/16<\/code> and a subnet with the CIDR block of 10.0.0.0\/24<\/code>.<\/p>\n<\/li>\n- \n
Verify that the virtual network is created by running the following command:<\/p>\n
az network vnet show --name myVnet --resource-group myResourceGroup --query \"id\"\n<\/code><\/pre>\nThis command will return the unique ID of your virtual network.<\/p>\n<\/li>\n<\/ol>\n
Step 2: Create a Network Security Group<\/h2>\n
A Network Security Group (NSG) is a layer-4 firewall that controls inbound and outbound network traffic for resources in a virtual network. An NSG consists of a set of rules that allow or deny traffic based on source or destination IP address, port, and protocol.<\/p>\n
To create an NSG in Azure, you can use the Azure Portal, Azure CLI, or Azure PowerShell. In this tutorial, we will use the Azure CLI.<\/p>\n
\n- Create an NSG with one inbound rule that allows traffic from the internet to the virtual network. Run the following commands:\n
az network nsg create --name myNsg --resource-group myResourceGroup --location eastus\naz network nsg rule create --name myInboundRule --nsg-name myNsg --resource-group myResourceGroup --direction inbound --source-address-prefix \"Internet\" --source-port-range \"*\" --destination-address-prefix \"*\" --destination-port-range \"*\" --access allow --protocol tcp --priority 1000\n<\/code><\/pre>\nReplace myNsg<\/code> with a unique name for your NSG.<\/p>\nThese commands create an NSG with one inbound rule that allows all TCP traffic from the internet to the virtual network.<\/p>\nBecause the rule exposes every TCP port in the subnet to any internet source, narrow the source address prefix and the destination port range to the addresses and ports your workload needs before using it outside a lab.<\/p>\n<\/li>\n
- \n
Associate the NSG with the virtual subnet. Run the following command:<\/p>\n
az network vnet subnet update --name mySubnet --vnet-name myVnet --resource-group myResourceGroup --network-security-group myNsg\n<\/code><\/pre>\nThis command associates the NSG with the subnet of the virtual network.<\/p>\n<\/li>\n<\/ol>\n
Step 3: Create a Virtual Machine and Connect it to the Virtual Network<\/h2>\n
Now that you have created a virtual network and an NSG, you can create a virtual machine and connect it to the virtual network.<\/p>\n
\n- Create a virtual machine in the virtual network subnet. Run the following command:\n
az vm create --resource-group myResourceGroup --name myVm --image UbuntuLTS --admin-username azureuser --generate-ssh-keys --vnet-name myVnet --subnet mySubnet --public-ip-address \"\"\n<\/code><\/pre>\nReplace myVm<\/code> with a unique name for your virtual machine and azureuser<\/code> with your preferred username.<\/p>\nThis command creates a virtual machine with the Ubuntu LTS image, no public IP address, and connects it to the virtual network subnet.<\/p>\n<\/li>\n
- \n
Connect to the virtual machine using SSH. Run the following command:<\/p>\n
ssh azureuser@<public-ip-address>\n<\/code><\/pre>\nReplace <public-ip-address><\/code> with the public IP address of your virtual machine.<\/p>\n<\/li>\n- \n
Verify that the virtual machine has access to the internet by running the following command:<\/p>\n
curl http:\/\/ipinfo.io\/ip\n<\/code><\/pre>\nThis command should return the public IP address of the virtual machine.<\/p>\n<\/li>\n
- \n
Verify that the virtual machine is protected by the NSG by running the following command:<\/p>\n
curl http:\/\/testmy.net\/ip\n<\/code><\/pre>\nThis command should fail to connect because the NSG blocks incoming traffic from the testmy.net IP address.<\/p>\n<\/li>\n<\/ol>\n
Step 4: Connect Two Virtual Networks<\/h2>\n
In Azure, you can connect two virtual networks together using a Virtual Network Peering. A peering allows resources in one virtual network to communicate with resources in another virtual network securely and privately, as if they were in the same virtual network.<\/p>\n
To create a virtual network peering, both virtual networks must be in the same Azure region and must not have overlapping IP address ranges.<\/p>\n
\n- Create a second virtual network in the same region. Run the following command:\n
az network vnet create --name myVnet2 --resource-group myResourceGroup --address-prefixes 192.168.0.0\/16 --subnet-name mySubnet2 --subnet-prefixes 192.168.0.0\/24\n<\/code><\/pre>\nReplace myVnet2<\/code> with a unique name for your second virtual network and mySubnet2<\/code> with a unique name for your subnet.<\/p>\nThis command creates a virtual network with the IP address range of 192.168.0.0\/16<\/code> and a subnet with the CIDR block of 192.168.0.0\/24<\/code>.<\/p>\n<\/li>\n- \n
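Create a virtual network peering between the two virtual networks. Run the following commands:<\/p>\n
# Peering from myVnet to myVnet2\naz network vnet peering create --name myPeering --resource-group myResourceGroup --vnet-name myVnet --remote-vnet \/subscriptions\/<subscription-id>\/resourceGroups\/myResourceGroup\/providers\/Microsoft.Network\/virtualNetworks\/myVnet2 --allow-vnet-access\n\n# Peering from myVnet2 back to myVnet (myPeering2 is a placeholder name)\naz network vnet peering create --name myPeering2 --resource-group myResourceGroup --vnet-name myVnet2 --remote-vnet \/subscriptions\/<subscription-id>\/resourceGroups\/myResourceGroup\/providers\/Microsoft.Network\/virtualNetworks\/myVnet --allow-vnet-access\n<\/code><\/pre>\nReplace <subscription-id><\/code> with your Azure subscription ID.<\/p>\nA peering link has to exist on each virtual network before traffic flows, so the commands create one in each direction. Together they create a peering between myVnet<\/code> and myVnet2<\/code> and allow virtual machines in both virtual networks to communicate with each other.<\/p>\n<\/li>\n- \n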
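Connect a virtual machine in myVnet<\/code> to a virtual machine in myVnet2<\/code>. To do this, create two virtual machines, one in each virtual network, and configure them to allow ICMP traffic. Then ping one virtual machine from the other.<\/p>\n# Create a virtual machine in myVnet\naz vm create --resource-group myResourceGroup --name myVm1 --image UbuntuLTS --admin-username azureuser --generate-ssh-keys --vnet-name myVnet --subnet mySubnet --public-ip-address \"\"\n\n# Create a virtual machine in myVnet2\naz vm create --resource-group myResourceGroup --name myVm2 --image UbuntuLTS --admin-username azureuser --generate-ssh-keys --vnet-name myVnet2 --subnet mySubnet2 --public-ip-address \"\"\n\n# Open ports 22, 80 and 443 on myVm1 and myVm2 (az vm open-port accepts port numbers only, so ICMP needs its own rule)\naz vm open-port --port 22,80,443 --resource-group myResourceGroup --name myVm1\naz vm open-port --port 22,80,443 --resource-group myResourceGroup --name myVm2\n\n# Allow ICMP traffic in myVm1 (assumes the default NSG name myVm1NSG assigned by az vm create; myIcmpRule is a placeholder name)\naz network nsg rule create --resource-group myResourceGroup --nsg-name myVm1NSG --name myIcmpRule --priority 1100 --direction Inbound --access Allow --protocol Icmp --source-address-prefixes VirtualNetwork --destination-port-ranges \"*\"\n\n# Allow ICMP traffic in myVm2 (assumes the default NSG name myVm2NSG assigned by az vm create)\naz network nsg rule create --resource-group myResourceGroup --nsg-name myVm2NSG --name myIcmpRule --priority 1100 --direction Inbound --access Allow --protocol Icmp --source-address-prefixes VirtualNetwork --destination-port-ranges \"*\"\n\n# Ping myVm1 from myVm2\nping <myVm1-private-ip-address>\n<\/code><\/pre>\nReplace <myVm1-private-ip-address><\/code> with the private IP address of myVm1<\/code>.<\/p>\n<\/li>\n<\/ol>\nConclusion<\/h2>\n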
In this tutorial, you learned how to create and manage virtual networks in Azure. You learned how to create a virtual network, a network security group, and a virtual machine, and how to connect virtual networks using a virtual network peering. With these skills, you can create isolated and secure networking environments for your applications in Azure.<\/p>\n","protected":false},"excerpt":{"rendered":"
","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_import_markdown_pro_load_document_selector":0,"_import_markdown_pro_submit_text_textarea":"","footnotes":""},"categories":[1],"tags":[90,87,91,89,88,86],"yoast_head":"\nCreating and managing virtual networks in Azure - Pantherax Blogs<\/title>\n\n\n\n\n\n\n\n\n\n\n\n\n\n\t\n\t\n\t\n