Best Assignment Doers

2.4 Creating Virtual Network

by

admin
in ,

Activity Overview: In this graded activity, students will provision a virtual network, virtual machines, ACL/firewall rules, and their prerequisite components in Azure Cloud Platform. Students will then generate back up templates and connect to their compute resources remotely.

Activity Outcomes: After completing this activity will be able to

  • Demonstrate configuration of cloud-based virtual network functions
  • Demonstrate configuration of cloud-based ACL and firewall rules
  • Demonstrate the creation of backup/templates in Azure
  • Demonstrate remote connectivity to compute resources in the cloud

Deliverable: Upload all requested screenshots below, as a .pdf export from the editor of your choosing.

Naming convention: “lastnamefirstinitial_Assignment#.pdf” e.g: “smithp_A1.1.pdf”

Be sure to include your name, student number, and course (CNW-2511) at the top of your document.


Provisioning Resources in Azure

Microsoft Azure Cloud Platform offers the ability to provision many cloud-based resources, including virtual appliances (VM’s and Containers), and virtual network functions (VNF). The process to create and configure these resources is reliable and quick within a cloud platform, so the reliance on our knowledge of theory and how these resources work together becomes paramount.

Follow this link to log in to the Azure Portal. Virtual Machines (and many other billed resources), must be disabled/deleted via the Azure dashboard to prevent continuous billing. Shutting down a VM within the OS will not disable them.

After you have completed this activity, you will delete all created resources, then verify with screenshots.

Do not create any resources unless you are specifically requested to. This runs a very high risk of your student account credits ($200 cap) being spent in their entirety, at which point you will no longer be able to access any of the resources required for this course, and future courses.

In this lab, you will be provisioning:

  • One (1) Virtual Network
  • Two (2) virtual NIC’s
  • One (1) static public IP (VIP – standard SKU)
  • One (1) firewall
  • One (1) network security group
  • One (1) private address spaces with two (2) subnets
  • Two (2) Virtual Machines

Whenever you see “LNFI” input your last name and first initial (ex: smithp)

As you progress through this activity, your instructor will request that you capture a screenshot periodically (on Mac OS: “command+shift+3” to capture the whole screen, or “command+shift+4” then drag the cursor over the area you would like to capture). These screenshots are part of your required deliverable and will be graded.

Please attend or view Live Lecture (Week 2 Part 1) when available for the latest walkthrough. It is important to understand Cloud Service Provider (CSP) platforms change frequently, so the available recording here may look differently than what you see. You are welcome to use your best judgement to navigate any differences, or wait until the Live Lecture recording becomes available for further elaboration.

Diagram of Activity Outcome

Lab Steps and Configuration Requirements

  1. Resource Group
    1. Name: LNFI-MMYYYY
    2. Region: ANY REGION THAT ALLOWS YOU TO CREATE VM’S, I use “East” as a naming example here
  2. Public IP
    1. SKU: Standard (Static)
    2. Name: cnw-region-PIP-LNFI
    3. DNS name label: cnwLNFI
    4. Resource Group: Use the one created above
    5. Availability Zone: Zone-redundant
  3. Virtual Network
    1. Name: cnw-east-LNFI “east” or whatever region you are using
    2. Address Space: 10.0.1.0 /24
    3. Subnet: 10.0.1.64 /26
      1. Name: cnw-east-compute-LFNI
    4. Firewall: Enabled
      1. Name: cnw-east-fw-LNFI
      2. Firewall Subnet Address Space: 10.0.1.0 /26
      3. Public IP Address: Use Existing (the PIP created above)
  4. Network Interface 1
    1. Name: cnw-east-client01
    2. Virtual Network: Same as above
    3. Subnet: cnw-east-compute…
    4. Static address assignment
    5. Private IP Address: 10.0.1.80
    6. Network Security Group: None
    7. Resource Group: Same as above
  5. Network Interface 2 (same as above unless noted below)
    1. Name: cnw-east-websrv
    2. Private IP Address: 10.0.1.70
  6. Network Security Group
    1. Name: cnw-east-compute
    2. Resource Group: Same as above
  7. Configure Network Security Group – Apply to Subnet:
    1. Virtual Network: Network created above
    2. Subnet: cnw-east-compute…
  8. Configure inbound rule for NSG (to allow Remote Desktop Connections)
    1. Add Inbound Security Rule:
      1. Source: IP Addresses
      2. Source IP: Public IP on your end (use the link above to identify it)
      3. Source Port Ranges: * (* means ALL)
      4. Destination: Service Tag
      5. Destination: VirtualNetwork
      6. Destination Port Ranges: 3389
      7. Protocol: Any
      8. Action: Allow
      9. Priority: 100
      10. Name: RDP_in_allow
      11. Description: in your own words
  9. Firewall Rules > Add NAT Rule Collection
    1. “cnw-east-compute-LFNI” Priority 100
      1. Rule 1:
        1. Name: RDP-allow-websrv
        2. Protocol: TCP, UDP
        3. Source Address: (your public IP)
        4. Destination Address: (Azure Public IP)
        5. Destination Port: 33890
        6. Translated Address: 10.0.1.70
        7. Translated Port: 3389
      2. Rule 2 (same as above unless otherwise noted):
        1. Name: RDP-allow-client01
        2. Destination Port: 33891
        3. Translated Address: 10.0.1.80
  10. Virtual Machine 1 (These will auto-generate a new NIC which you will remove and replace with the earlier NIC’s you’ve created)
    1. Name: cnw-client01
    2. Region: East US
    3. User Name: LNFI
    4. Password: Fullsail11!!
    5. Availability Options: None
    6. Image: Windows 10 Enterprise, 22h2, any generation – Note that any version of Windows 10 should be okay if those aren’t listed for you
    7. Size: Standard D2s_v3
    8. Disks: Standard SSD, Use Managed Disks
    9. Network: cnw-east-compute
    10. Public IP: NO
    11. NIC Security Group: None
    12. Management: All options OFF, Security: Basic
    13. Advanced: All options OFF
  11. Virtual Machine 2 (These will auto-generate a new NIC which you will remove and replace with the earlier NIC’s you’ve created)
    1. Name: cnw-websrv
    2. Region: East US
    3. Username and Password: same as above
    4. Availability Options: None
    5. Image: Windows Server 2019, 2022, or 2025 (2025 may or may not work, but any version of these OS’ should be okay, see the walkthrough for more detail)
    6. Size: Standard D2s v3
    7. Disks: Standard SSD, Use Managed Disks
    8. Network: cnw-east-compute
    9. Public IP: NO
    10. NIC Security Group: None
    11. Management: All options OFF, Security: Basic
    12. Advanced: All options OFF

Final Configurations and Testing

  1. Go to the Virtual Machine overview and select “STOP” at the top of the list, this will turn the VM’s off. (may take a couple of minutes)
  2. Go to each of the VM’s overview and select “Networking”
    1. Attach the NIC you’ve previously created for the VM you are configuring.
    2. Once the new NIC is attached, detach the auto-generated one.
  3. Go to Network Interfaces in the sidebar, and delete both of the auto-generated NIC’s
  4. Go to Virtual Networks in the sidebar, select your virtual network
    1. Select DNS Servers, change to “Custom”
    2. Input two DNS Servers: 10.0.1.70 and 8.8.8.8
    3. Be sure to save your changes
  5. Go to Virtual Machine overview and select “START” for both VM’s. (this may take a couple of minutes)
  6. Download the Microsoft Remote Desktop client applicable for your computer
    1. Select “+” to add a new RDP connection
    2. Connection Name: CNW-websrv
    3. PC Name: x.x.x.x:33890 (x.x.x.x = your Azure public IP)
    4. No gateway configured
    5. User name and password: As configured for each VM above
    6. Close out the configuration window, and double click to connect to your server
    7. Repeat this procress for your client machine
      1. Connection Name: CNW-client01
      2. PC Name: x.x.x.x:33891 (x.x.x.x = same IP as above)
      3. Close out the window and connect to your client

PLEASE NOTE: If you have verified that your NSG and ingress access rules are configured correctly, but still cannot RDP into your VM’s, please just note that RDP was not able to connect and any troubleshooting steps you took, in place of the RDP screenshots. Sometimes, depending on the network a student is using, RDP is unable to traverse the home network or hot-spots.

Required Screenshots

The following screenshots should show the configurations identified in lab, for each component (PLEASE NUMBER AND LABEL YOUR SCREENSHOTS):

  1. Resource Groups – Resource Group “LNFI-MMYYYY” Properties Page (showing all provisioned resources for this activity)
  2. Public IP’s – Public IP “cnw-east-PIP-LNFI” Overview Page
  3. Virtual Networks – Virtual Network “cnw-east-LNFI” Overview Page
    1. Subnets Page – showing the two configured subnets
    2. Diagram Page – showing 2 VM’s, 2 NIC’s, 1 NSG, 2 Subnets
  4. Network Interfaces – List of both NIC’s created (conforming to lab requirements)
  5. Net Security Groups – NSG “cnw-east-compute” Overview Page
  6. Firewalls“cnw-east-fw-LNFI” > Rules > NAT Rule list for “cnw-east-compute-LNFI” showing the two RDP inbound rule configurations
  7. Virtual Machines:
    1. Overview page for CNW-CLIENT01
    2. Overview page for CNW-WEBSRV
  8. While connect to each VM via RDP:
    1. “ipconfig /all” on CNW-WEBSRV
    2. “ipconfig /all” on CNW-CLIENT01
    3. PLEASE NOTE: If you have verified that your NSG and ingress access rules are configured correctly, but still cannot RDP into your VM’s, please just note that RDP was not able to connect and any troubleshooting steps you took, in place of the RDP screenshots. Sometimes, depending on the network a student is using, RDP is unable to traverse the home network or hot-spots.
  9. All Resources Page showing all resources deleted (not on the list)

There should be 13 individual screenshots.

Requirements:

timer
Struggling with your essay and deadlines?

Get this or a similar paper done in as fast as 4 hours, 24/7.

NB: We do not sell prewritten papers. All essays are written from scratch according to specific needs and instructions

✔Secure Service ✔ Plagiarism Free ✔On-time Delivery

WRITE MY PAPER

Comments

Leave a Reply