Merge pull request #253191 from halkazwini/nw-routing2

v-dirichards · web-flow · commit 9a35d78006fc · 2023-09-28T14:33:16.000-05:00
Use RDP to connect instead of Bastion to simplify tutorial for beginners
diff --git a/articles/network-watcher/diagnose-vm-network-routing-problem.md b/articles/network-watcher/diagnose-vm-network-routing-problem.md
@@ -6,19 +6,19 @@ author: halkazwini
 ms.author: halkazwini
 ms.service: network-watcher
 ms.topic: tutorial
-ms.date: 09/26/2023
+ms.date: 09/28/2023
 
 # CustomerIntent: As an Azure administrator, I want to diagnose virtual machine (VM) network routing problem that prevents it from communicating with the internet.
 ---
 
 # Tutorial: Diagnose a virtual machine network routing problem using the Azure portal
 
-In this tutorial, You use Azure Network Watcher [next hop](network-watcher-next-hop-overview.md) tool to troubleshoot and diagnose a VM routing problem that's preventing it from correctly communicating with other resources. Next hop shows you that the routing problem is caused by a [custom route](../virtual-network/virtual-networks-udr-overview.md#custom-routes).
+In this tutorial, You use Azure Network Watcher [next hop](network-watcher-next-hop-overview.md) tool to troubleshoot and diagnose a VM routing problem that's preventing it from correctly communicating with other resources. Next hop shows you that the routing problem is caused by a [custom route](../virtual-network/virtual-networks-udr-overview.md?toc=/azure/network-watcher/toc.json#custom-routes).
 
 In this tutorial, you learn how to:
 
 > [!div class="checklist"]
-> * Create a virtual network and a Bastion host
+> * Create a virtual network
 > * Create two virtual machines
 > * Test communication to different IPs using the next hop capability of Azure Network Watcher
 > * View the effective routes
@@ -49,30 +49,20 @@ In this section, you create a virtual network.
     | Subscription | Select your Azure subscription. |
     | Resource Group | Select **Create new**. </br> Enter ***myResourceGroup*** in **Name**. </br> Select **OK**. |
     | **Instance details** |  |
-    | Name | Enter ***myVNet***. |
+    | Virtual network name | Enter ***myVNet***. |
     | Region | Select **East US**. |
 
-1. Select the **IP Addresses** tab, or select **Next: IP Addresses** button at the bottom of the page.
+1. Select the **IP Addresses** tab, or select **Next** button at the bottom of the page twice.
 
 1. Enter the following values in the **IP Addresses** tab:
 
     | Setting | Value |
     | --- | --- |
-    | IPv4 address space | Enter ***10.0.0.0/16***. |
-    | Subnet name | Enter ***mySubnet***. |
-    | Subnet address range | Enter ***10.0.0.0/24***. |
+    | IPv4 address space | **10.0.0.0/16** |
+    | Subnet name | **mySubnet** |
+    | Subnet IP address range | **10.0.0.0 - 10.0.0.255** (size: **/24**) |
 
-1. Select the **Security** tab, or select the **Next: Security** button at the bottom of the page. 
-
-1. Under **BastionHost**, select **Enable** and enter the following values:
-
-    | Setting | Value |
-    | --- | --- |
-    | Bastion name | Enter ***myBastionHost***. |
-    | AzureBastionSubnet address space | Enter ***10.0.3.0/24***. |
-    | Public IP Address | Select **Create new**. </br> Enter ***myBastionIP*** for **Name**. </br> Select **OK**. |
-
-1. Select the **Review + create** tab or select the **Review + create** button.
+1. Select the **Review + create** tab or select the **Review + create** button at the bottom of the page.
 
 1. Review the settings, and then select **Create**. 
 
@@ -84,9 +74,9 @@ In this section, you create two virtual machines: **myVM** and **myNVA**. You us
 
 1. In the search box at the top of the portal, enter ***virtual machines***. Select **Virtual machines** in the search results.
 
-2. Select **+ Create** and then select **Azure virtual machine**.
+1. Select **+ Create** and then select **Azure virtual machine**.
 
-3. In **Create a virtual machine**, enter or select the following values in the **Basics** tab:
+1. In **Create a virtual machine**, enter or select the following values in the **Basics** tab:
 
     | Setting | Value |
     | --- | --- |
@@ -105,38 +95,41 @@ In this section, you create two virtual machines: **myVM** and **myNVA**. You us
     | Password | Enter a password. |
     | Confirm password | Reenter password. |
 
-4. Select the **Networking** tab, or select **Next: Disks**, then **Next: Networking**.
+1. Select the **Networking** tab, or select **Next: Disks**, then **Next: Networking**.
 
-5. In the Networking tab, enter or select the following values:
+1. In the Networking tab, enter or select the following values:
 
     | Setting | Value |
     | --- | --- |
     | **Network interface** |  |
     | Virtual network | Select **myVNet**. |
     | Subnet | Select **mySubnet**. |
-    | Public IP | Select **None**. |
+    | Public IP | Select **(new) myVM-ip**. |
     | NIC network security group | Select **Basic**. |
-    | Public inbound ports | Select **None**. |
+    | Public inbound ports | Select **Allow selected ports**. |
+    | Select inbound ports | Select **RDP (3389)**. |
+
+    [!INCLUDE [RDP Caution](../../includes/network-watcher-rdp.md)]
 
-6. Select **Review + create**.
+1. Select **Review + create**.
 
-7. Review the settings, and then select **Create**. 
+1. Review the settings, and then select **Create**. 
 
-8. Once the deployment is complete, select **Go to resource** to go to the **Overview** page of **myVM**.  
+1. Once the deployment is complete, select **Go to resource** to go to the **Overview** page of **myVM**.  
 
-9. Select **Connect**, then select **Bastion**.
+1. Select **Connect**, then select **select** under **Native RDP**.
 
-10. Enter the username and password that you created in the previous steps.
+1. Select **Download RDP file** and open the downloaded file.
 
-11. Select **Connect** button.
+1. Select **Connect** and then enter the username and password that you created in the previous steps. Accept the certificate if prompted.
 
-12. Once logged in, open a web browser and go to `www.bing.com` to verify it's reachable.
+1. Once logged in, open a web browser and go to `www.bing.com` to verify it's reachable.
 
     :::image type="content" source="./media/diagnose-vm-network-routing-problem/bing-allowed.png" alt-text="Screenshot showing Bing page in a web browser.":::
 
 ### Create second virtual machine
 
-Follow the previous steps that you used to create **myVM** virtual machine and enter ***myNVA*** for the virtual machine name.
+Follow the previous steps (1-6) and use ***myNVA*** for the virtual machine name to create the second virtual machine.
 
 ## Test network communication using Network Watcher next hop
 
diff --git a/includes/network-watcher-rdp.md b/includes/network-watcher-rdp.md
@@ -0,0 +1,10 @@
+---
+author: halkazwini
+ms.author: halkazwini
+ms.service: network-watcher
+ms.topic: include
+ms.date: 09/28/2023    
+ms.custom: include file
+---
+> [!CAUTION]
+> Leaving the RDP port open to the internet is only recommended for testing. For production environments, it's recommended to restrict access to the RDP port to a specific IP address or range of IP addresses. You can also block internet access to the RDP port and use [Azure Bastion](../articles/bastion/bastion-overview.md?toc=/azure/network-watcher/toc.json) to securely connect to your virtual machine from the Azure portal.
