|
| 1 | +--- |
| 2 | +title: 'Quickstart: Create an Azure Firewall with multiple public IP addresses - Resource Manager template' |
| 3 | +description: Learn how to use a Resource Manager template to create an Azure Firewall with multiple public IP addresses. |
| 4 | +services: firewall |
| 5 | +author: vhorne |
| 6 | +ms.service: firewall |
| 7 | +ms.topic: quickstart |
| 8 | +ms.date: 04/13/2020 |
| 9 | +ms.author: victorh |
| 10 | +--- |
| 11 | + |
| 12 | +# Quickstart: Create an Azure Firewall with multiple public IP addresses - Resource Manager template |
| 13 | + |
| 14 | +In this quickstart, you use a Resource Manager template to deploy an Azure Firewall with multiple public IP addresses. |
| 15 | + |
| 16 | +NAT rule collection rules allow RDP connections to two Windows Server 2019 virtual machines. |
| 17 | + |
| 18 | +[!INCLUDE [About Azure Resource Manager](../../includes/resource-manager-quickstart-introduction.md)] |
| 19 | + |
| 20 | +## Prerequisites |
| 21 | + |
| 22 | +- An Azure account with an active subscription. [Create an account for free](https://azure.microsoft.com/free/?WT.mc_id=A261C142F). |
| 23 | + |
| 24 | +## Create an Azure Firewall |
| 25 | + |
| 26 | +This template creates an Azure Firewall with two public IP addresses, along with the necessary resources to support the Azure Firewall. |
| 27 | + |
| 28 | +### Review the template |
| 29 | + |
| 30 | +The template used in this quickstart is from [Azure Quickstart templates](https://github.com/Azure/azure-quickstart-templates/blob/master/fw-docs-qs/azuredeploy.json) |
| 31 | + |
| 32 | +:::code language="json" source="~/quickstart-templates/fw-docs-qs/azuredeploy.json" range="001-391" highlight="238-370"::: |
| 33 | + |
| 34 | +Multiple Azure resources are defined in the template: |
| 35 | + |
| 36 | +- [**Microsoft.Network/publicIPAddresses**](/azure/templates/microsoft.network/publicipaddresses) |
| 37 | +- [**Microsoft.Network/networkSecurityGroups**](/azure/templates/microsoft.network/networksecuritygroups) |
| 38 | +- [**Microsoft.Network/virtualNetworks**](/azure/templates/microsoft.network/virtualnetworks) |
| 39 | +- [**Microsoft.Compute/virtualMachines**](/azure/templates/microsoft.compute/virtualmachines) |
| 40 | +- [**Microsoft.Network/networkInterfaces**](/azure/templates/microsoft.network/networkinterfaces) |
| 41 | +- [**Microsoft.Storage/storageAccounts**](/azure/templates/microsoft.storage/storageAccounts) |
| 42 | +- [**Microsoft.Network/azureFirewalls**](/azure/templates/microsoft.network/azureFirewalls) |
| 43 | +- [**Microsoft.Network/routeTables**](/azure/templates/microsoft.network/routeTables) |
| 44 | + |
| 45 | + |
| 46 | +### Deploy the template |
| 47 | + |
| 48 | +Deploy Resource Manager template to Azure: |
| 49 | + |
| 50 | +1. Select **Deploy to Azure** to sign in to Azure and open the template. The template creates an Azure Firewall, the network infrastructure, and two virtual machines. |
| 51 | + |
| 52 | + <a href="https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FAzure%2Fazure-quickstart-templates%2Fmaster%2Ffw-docs-qs%2Fazuredeploy.json"><img src="./media/quick-create-multiple-ip-template/deploy-to-azure.png" alt="deploy to azure"/></a> |
| 53 | + |
| 54 | +2. In the portal, on the **Create an Azure Firewall with multiple IP public addresses** page, type or select the following values: |
| 55 | + - Subscription: Select from existing subscriptions |
| 56 | + - Resource group: Select from existing resource groups or select **Create new**, and select **OK**. |
| 57 | + - Location: Select a location |
| 58 | + - Admin Username: Type username for the administrator user account |
| 59 | + - Admin Password: Type an administrator password or key |
| 60 | + |
| 61 | +3. Select **I agree to the terms and conditions stated above** and then select **Purchase**. The deployment can take 10 minutes or longer to complete. |
| 62 | + |
| 63 | +## Validate the deployment |
| 64 | + |
| 65 | +In the Azure portal, review the deployed resources. Note the firewall public IP addresses. |
| 66 | + |
| 67 | +Use Remote Desktop Connection to connect to the firewall public IP addresses. Successful connections demonstrates firewall NAT rules that allow the connection to the backend servers. |
| 68 | + |
| 69 | +## Clean up resources |
| 70 | + |
| 71 | +When you no longer need the resources that you created with the firewall, delete the resource group. This removes the firewall and all the related resources. |
| 72 | + |
| 73 | +To delete the resource group, call the `Remove-AzResourceGroup` cmdlet: |
| 74 | + |
| 75 | +```azurepowershell-interactive |
| 76 | +Remove-AzResourceGroup -Name "<your resource group name>" |
| 77 | +``` |
| 78 | + |
| 79 | +## Next steps |
| 80 | + |
| 81 | +> [!div class="nextstepaction"] |
| 82 | +> [Tutorial: Deploy and configure Azure Firewall in a hybrid network using the Azure portal](tutorial-hybrid-portal.md) |
0 commit comments