How to Set Up Networking in Microsoft Azure
This is what we are going to do in Azure:
Azure networking
Create VNET in Azure
Azure Bastion setup
Azure Firewall configuration
Deploy nginx on Azure VM
Azure virtual network
Azure network security
Azure VM SSH access
Azure custom data
Azure user data
Creation of VNET :
First, we need to create a resource group to create any resource in Azure.
In the search bar, look for virtual networks and select it.
Select the resource group and subscription, name the virtual network, and choose the nearest region to access the virtual machine faster.
For creating Bastion, you need to select the option here.
What is Bastion?
It's a service provided by Azure that allows you to access a virtual machine in two ways: one is local SSH, and the other is Bastion.
Create a firewall, name it, and set up a policy to define rules for application filtering.
Keep it default or customize it using CIDR blocks, then click on review and create to proceed.
go to the networking tab in VNET and select default subnet
Select as shown in the image to allow SSH access from the laptop.
We are not enabling load balancing now because it's a small application.
what is custom data?
We will write code to download nginx and all HTML pages using custom data, so we don't need to make any changes directly in the virtual machine.
What is User Data?
It's the opposite of custom data, where we want to perform hands-on tasks directly in the virtual machine.
Creating the VNET takes more time, and you can see Bastion, Firewall, default Fire net, and two subnets also created during the VNET creation.
Create a virtual machine to access, write, and deploy the application.
But here we can't see the public IP because we created a firewall, and the firewall's IP address is the public IP address of the virtual machine.
Now, to access the virtual machine, we need to go through the Bastion, which is the built-in shell of Azure.
Select SSH private key authentication from a local file during VM creation, download the key to access the VM, enter the user, and select the file from your PC.
After that u will be redirected into this
Type SUDO -SU to access the bash
and command apt-get update Update the VM
To install install nginx into the VM Command : apt-get install nginx-y
Now u can create a directory as cd /var/www/html/
vim index.html and type the code based on your interest
We need to restart the nginx because we written the code
Command : systemctl restart nginx
inorder to access the appllication form the browser we need to give permissions so select on firewall policy
And at the side drop down menu select DNAT Rules DNAT stands for network address translation now we need to create a connection rule here
Give a name to your firewall and and rule connection type keep it default and priority
what is priority?
Let's say there are many rules; to access them efficiently, we set a priority for the main rules so we can use them more effectively.
in the collection we need to create the rule
Keep it simple by setting everything to default, naming your rule, selecting all source types as IP address, and pasting your IP address (found via a Google search for "my IP") near the source IP address.
In the destination ip-address give the public ip-address of the firewall
and then check the html code is working or not in the vm
Run Command : curl localhost:80
And set the protocol as TCP and the destination port as per your requirement.
In the translated IP address, enter the private IP address of the virtual machine.
Copy the public IP of the firewall, attach the port number, and enter it in the browser.
Hurray, we succeeded!
Setting up networking in Microsoft Azure involves several critical steps, from creating a virtual network (VNET) to configuring firewalls and deploying applications. By following the outlined process, you can ensure secure and efficient access to your virtual machines and applications. Utilizing Azure Bastion for secure SSH access, setting up Azure Firewall for robust security, and deploying applications like Nginx on Azure VMs are essential components of a well-architected Azure environment. This guide provides a comprehensive approach to establishing a secure and functional network infrastructure in Azure, enabling you to manage and deploy your applications with confidence.