You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/firewall/tutorial-hybrid-portal.md
+17-13Lines changed: 17 additions & 13 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -58,7 +58,7 @@ If you don't have an Azure subscription, create a [free account](https://azure.m
58
58
First, create the resource group to contain the resources:
59
59
60
60
1. Sign in to the [Azure portal](https://portal.azure.com).
61
-
1. On the Azure portal's home page, select **Resource groups** > **Create**.
61
+
1. On the Azure portal home page, select **Resource groups** > **Create**.
62
62
1. For **Subscription**, select your subscription.
63
63
1. For **Resource group**, enter **RG-fw-hybrid-test**.
64
64
1. For **Region**, select a region. All resources that you create later must be in the same region.
@@ -70,7 +70,7 @@ Now, create the virtual network.
70
70
> [!NOTE]
71
71
> The size of the **AzureFirewallSubnet** subnet is /26. For more information about the subnet size, see [Azure Firewall FAQ](firewall-faq.yml#why-does-azure-firewall-need-a--26-subnet-size).
72
72
73
-
1.From the Azure portal's home page, select **Create a resource**.
73
+
1.On the Azure portal home page, select **Create a resource**.
74
74
1. In the search box, enter **virtual network**.
75
75
1. Select **Virtual network**, and then select **Create**.
76
76
1. For **Resource group**, select **RG-fw-hybrid-test**.
@@ -96,7 +96,7 @@ Create a second subnet for the gateway:
96
96
97
97
## Create the spoke virtual network
98
98
99
-
1.From the Azure portal's home page, select **Create a resource**.
99
+
1.On the Azure portal home page, select **Create a resource**.
100
100
1. In the search box, enter **virtual network**.
101
101
1. Select **Virtual network**, and then select **Create**.
102
102
1. For **Resource group**, select **RG-fw-hybrid-test**.
@@ -116,7 +116,7 @@ Create a second subnet for the gateway:
116
116
117
117
## Create the on-premises virtual network
118
118
119
-
1.From the Azure portal's home page, select **Create a resource**.
119
+
1.On the Azure portal home page, select **Create a resource**.
120
120
1. In the search box, enter **virtual network**.
121
121
1. Select **Virtual network**, and then select **Create**.
122
122
1. For **Resource group**, select **RG-fw-hybrid-test**.
@@ -146,7 +146,7 @@ Now, create a second subnet for the gateway:
146
146
147
147
Deploy the firewall into the firewall hub's virtual network:
148
148
149
-
1.From the Azure portal's home page, select **Create a resource**.
149
+
1.On the Azure portal home page, select **Create a resource**.
150
150
1. In the search box, enter **firewall**.
151
151
1. Select **Firewall**, and then select **Create**.
152
152
1. On the **Create a Firewall** page, use the following table to configure the firewall:
@@ -206,7 +206,7 @@ The hub and on-premises virtual networks are connected via VPN gateways.
206
206
207
207
Create the VPN gateway for the hub virtual network. Network-to-network configurations require a route-based VPN type. Creating a VPN gateway can often take 45 minutes or more, depending on the SKU that you select.
208
208
209
-
1.From the Azure portal's home page, select **Create a resource**.
209
+
1.On the Azure portal home page, select **Create a resource**.
210
210
1. In the search box, enter **virtual network gateway**.
211
211
1. Select **Virtual network gateway**, and then select **Create**.
212
212
1. For **Name**, enter **GW-hub**.
@@ -224,7 +224,7 @@ Create the VPN gateway for the hub virtual network. Network-to-network configura
224
224
225
225
Create the VPN gateway for the on-premises virtual network. Network-to-network configurations require a route-based VPN type. Creating a VPN gateway can often take 45 minutes or more, depending on the SKU that you select.
226
226
227
-
1.From the Azure portal's home page, select **Create a resource**.
227
+
1.On the Azure portal home page, select **Create a resource**.
228
228
1. In the search box, enter **virtual network gateway**.
229
229
1. Select **Virtual network gateway**, and then select **Create**.
230
230
1. For **Name**, enter **GW-Onprem**.
@@ -306,6 +306,8 @@ Now, peer the hub and spoke virtual networks:
306
306
307
307
1. Select **Add**.
308
308
309
+
The following screenshot shows the settings to use when you peer hub and spoke virtual networks:
310
+
309
311
:::image type="content" source="media/tutorial-hybrid-portal/firewall-peering.png" alt-text="Screenshot that shows selections for peering hub and spoke virtual networks.":::
310
312
311
313
## Create the routes
@@ -315,7 +317,9 @@ In the following steps, you create these routes:
315
317
- A route from the hub gateway subnet to the spoke subnet through the firewall IP address
316
318
- A default route from the spoke subnet through the firewall IP address
317
319
318
-
1. From the Azure portal's home page, select **Create a resource**.
320
+
To create the routes:
321
+
322
+
1. On the Azure portal home page, select **Create a resource**.
319
323
1. In the search box, enter **route table**.
320
324
1. Select **Route table**, and then select **Create**.
321
325
1. For the resource group, select **RG-fw-hybrid-test**.
@@ -343,7 +347,7 @@ Now, associate the route to the subnet:
343
347
344
348
Create the default route from the spoke subnet:
345
349
346
-
1.From the Azure portal's home page, select **Create a resource**.
350
+
1.On the Azure portal home page, select **Create a resource**.
347
351
1. In the search box, enter **route table**.
348
352
1. Select **Route table**, and then select **Create**.
349
353
1. For the resource group, select **RG-fw-hybrid-test**.
@@ -378,7 +382,7 @@ Create the spoke workload and on-premises virtual machines, and place them in th
378
382
379
383
Create a virtual machine in the spoke virtual network that runs Internet Information Services (IIS) and has no public IP address:
380
384
381
-
1.From the Azure portal's home page, select **Create a resource**.
385
+
1.On the Azure portal home page, select **Create a resource**.
382
386
1. Under **Popular Marketplace products**, select **Windows Server 2019 Datacenter**.
@@ -398,7 +402,7 @@ Create a virtual machine in the spoke virtual network that runs Internet Informa
398
402
399
403
### Install IIS
400
404
401
-
1.From the Azure portal, open Azure Cloud Shell and make sure that it's set to **PowerShell**.
405
+
1.On the Azure portal, open Azure Cloud Shell and make sure that it's set to **PowerShell**.
402
406
1. Run the following command to install IIS on the virtual machine, and change the location if necessary:
403
407
404
408
```azurepowershell-interactive
@@ -417,7 +421,7 @@ Create a virtual machine in the spoke virtual network that runs Internet Informa
417
421
418
422
Create a virtual machine that you use to connect via remote access to the public IP address. From there, you can connect to the spoke server through the firewall.
419
423
420
-
1.From the Azure portal's home page, select **Create a resource**.
424
+
1.On the Azure portal home page, select **Create a resource**.
421
425
1. Under **Popular**, select **Windows Server 2019 Datacenter**.
422
426
1. Enter these values for the virtual machine:
423
427
-**Resource group**: Select **Existing**, and then select **RG-fw-hybrid-test**.
@@ -440,7 +444,7 @@ Create a virtual machine that you use to connect via remote access to the public
440
444
441
445
1. Note the private IP address for the **VM-Spoke-01** virtual machine.
442
446
443
-
1.From the Azure portal, connect to the **VM-Onprem** virtual machine.
447
+
1.On the Azure portal, connect to the **VM-Onprem** virtual machine.
444
448
445
449
1. Open a web browser on **VM-Onprem**, and browse to `http://<VM-Spoke-01 private IP>`.
0 commit comments