Azure Networking

Activity 1: Create a network and add vms into it

• Lets create a network with 3 subnets as mentioned below
  
• Steps to create a vnet with 3 subnets:
  • Create a resource group
  • Create a virtual network in that resource group
    
    
    
    
    
    
    
    
    
    
• docs link Refer Here
• Network Security Group: This allows us to write rules to allow or deny traffic.
• Creating NSG
  
  
  
  
  
• Create a linux vm and add it to web subnet with webnsg
  
  
  
  
• Try connecting to vm, it fails
  
• lets add inbound rules to allow 22 from my laptop,80 port from anywhere
  
  
  
• Now when we access http from any where it works, whereas ssh is accessible only from my local system
  
• Exericise: Create a network with vms and nsgs as shown below
  

Network Security Group (NSG)

• This allows us to write rules to allow or deny traffic.
• NSG can be attached to nic or entire subnet
• NSG has rules with priority (lower the rule number higher the priority)
• NSG Rules are differnet for incoming traffic and outgoing traffic
• Each rule has
  • source/destination address
  • protocol
  • port
  • action
• Refer Here for official docs
• Good Practices:
  • Always start with priority number greater than 100
  • Dont use consecutive numbers for nsg rules as some other items might come down the line in the future