Now that we have deployed a simple Azure Resource Manager template from Visual Studio in Part 1, let’s look at just how simple it is to use that method to deploy a network of VMs using networking templates. If you aren’t a networking expert (and I am admittedly not), the configuration options for virtual networks is pretty daunting. But the availability of networking templates can be a great way to learn.

As I said in Part 1, using Visual Studio for template editing and resource group management really simplifies the process. The environment is familiar, and the process is repeatable – both advantages when learning Azure Networking. In Part 2, we can see how to take a pre-configured template that creates an Azure virtual network with multiple VMs and a load balancer already included, and alter it to be compatible with a VNet-VNet VPN connection.

First, we need to know what is included in the default template. Just as before, create a Azure Resource Group project. This time, select Windows Server Virtual Machines with Load Balancer.

2016-01-26 13_06_14-Select Azure Template

Once the project opens, use the JSON Outline and expand the Resources group. The Storage Account, Availability Set, Virtual Network, Network Interface, Load Balancer, and a loop for Virtual Machines are all created for you. If you Deploy this template as-is, you will get all of these resourced created with the same prefix name MyWindowsVM and network name MyVNet.

Adding Parameters

To make things a little easier for repeated deployments using the networking templates, we can change those names into parameters with default values. Add the following parameters to the Parameters section of the template, then remove them from the variables list:

Then find/replace all the variable references to these values and replace them with parameter references. Now we can quickly change these values when we deploy, or choose to let the defaults remain.

2016-01-26 14_11_52-AzureResourceGroupVnetDemo - Microsoft Visual Studio (Administrator)

Next, we need to add a few more resources to prepare this VNet for a VPN connection. The VNet must have:

  • A Public IP address
  • A Gateway Subnet, named GatewaySubnet, in addition to any other subnets in the VNet
  • The GatewaySubnet must have a CIDR (Address Count) of at least /29, although your network requirements may require more
  • A Gateway Subnet that does not conflict with the other subnets in the VNet
  • A Network Gateway using the GatewaySubnet and the public IP address

Add New Resource Dialog

The Public IP address can be added using the Add New Resource dialog in Visual Studio.

2016-01-26 14_26_42-AzureResourceGroupVnetDemo - Microsoft Visual Studio (Administrator)

This will add JSON for the necessary variables, parameters, and resources required for the public IP. Any time you can use this method to add a resource, it is highly beneficial to do so.

2016-01-26 14_27_35-Add Resource

Adding Resources Manually

The Gateway and Gateway Subnet are not available through the Add New Resource dialog, but we can manually add the JSON. For the Gateway Subnet, find the Subnets collection and add an additional item:

We need a variable for the subnet:

And the actual resource for the vpn gateway:

Now we can deploy the entire network – VMs, Gateway, Availability Set and Load Balancer, all with the project Deploy command for the networking templates. Anything set as a parameter in the JSON will show in this dialog, with any preset options and default values available for selection.

2016-01-26 14_52_30-AzureResourceGroupVnetDemo - Microsoft Visual Studio (Administrator)

Be aware that the Gateway can take several minutes to deploy, so it’s a good time to go grab a sandwich after clicking that Deploy button. But, (eventually) we can see the network deployed in the Azure portal, all ready for a VPN connection, either to another VNet, or to a local VPN.

2016-01-26 18_01_48-Settings - Microsoft Azure

The following two tabs change content below.