Azure Networking
Network Security Groups contd
- Create a vnet with name ntier with cidr range of
10.10.0.0/22 - Create 3 subnets
- web: 10.10.0.0/24
- app: 10.10.1.0/24
- db: 10.10.2.0/24
- mgmt: 10.10.3.0/24
- Create a web nsg, appnsg and db nsg as discussed in previous session Refer Here
- Create a linux vm in web subnet with public ip
- Create a linux vm in app subnet with public ip
- Create a linux vm in db subnet with public ip
- Open 3 terminals
- one for web vm and ssh into it
- one for app vm and ssh into it (it will not be allowed directly)
- one for db vm and ssh into it (it will not be allowed directly)
- Positive Tests (should be allowed)
- ssh from web to app
- ssh from app to db
- Negative Tests (Should not be allowed)
- ssh from web to db
- Testing can be done by creating vms and testing
- The other effective way is Network watcher => NSG Diagnostics
