Azure Classroom Series – 16/Jul/2020

Azure Network Security Group

  • Lets create a nsg for the vm
    • Create a resource group
    • Creating a vnet Preview
    • While creating a vm in the web subnet lets attach nsg to allow public internet communication only on port 80
    • Inbound port rules indirectly create an nsg, we will not be using that Preview
    • If you select just http our goal will be acheived but we will creating a nsg Preview
    • Navigate to networking tab Preview Preview Preview Preview
    • Lets experiment with public ip from our laptops Preview
    • ping public: will fail as ICMP protocol traffic is not opened in nsg Preview
    • Lets login into the machine using ssh protocol & It should work Preview
    • Now lets install apache server and navigate to browser on public ip http://<publicip&gt; Preview Preview
    • Now lets install tomcat server which runs on port 8080 and try to browse using public ip http://<publicip&gt;:8080
    sudo apt-get install tomcat8 -y
    
    Preview
    • Lets try to create a nsg for business subnet which should not allow any traffic from internet. Preview Preview
    • Even if you don’t write any rules default rules matches the behavior. Preview
    • Now lets attach this nsg to business and db subnet Preview Preview Preview

Exercise

  • Create two vnets in two different regions with subnets
    • Web
    • Business
    • db
    • Management
    • AD
  • Remember ip ranges should not collide Preview
  • Ensure subnet nsg’s are in place

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

About learningthoughtsadmin