BLSL - SQL Server 2014€¦ · For a smoother lab experience, use full screen mode and password paste features of you lab client. If you have any problems accessing the student portal,

ModernBiz Grow Efficiently Track 3

Lab: Setup Azure Virtual Network and

Gateway

Page 2

© Copyright 2015 Microsoft Corporation. All rights reserved.


Terms of Use

© 2015 Microsoft Corporation. All rights reserved.

Information in this document, including URL and other Internet Web site references, is subject to

change without notice. Unless otherwise noted, the companies, organizations, products, domain

names, e-mail addresses, logos, people, places, and events depicted herein are fictitious, and no

association with any real company, organization, product, domain name, e-mail address, logo, person,

place, or event is intended or should be inferred. Complying with all applicable copyright laws is the

responsibility of the user. Without limiting the rights under copyright, no part of this document may

be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any

means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without

the express written permission of Microsoft Corporation.

For more information, see Microsoft Copyright Permissions at

http://www.microsoft.com/permission

Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual

property rights covering subject matter in this document. Except as expressly provided in any

written license agreement from Microsoft, the furnishing of this document does not give you any

license to these patents, trademarks, copyrights, or other intellectual property.

The Microsoft company name and Microsoft products mentioned herein may be either registered

trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The

names of actual companies and products mentioned herein may be the trademarks of their

respective owners.

This document reflects current views and assumptions as of the date of development and is

subject to change. Actual and future results and trends may differ materially from any

forward-looking statements. Microsoft assumes no responsibility for errors or omissions in

the materials.

THIS DOCUMENT IS FOR INFORMATIONAL AND TRAINING PURPOSES ONLY AND IS PROVIDED

"AS IS" WITHOUT WARRANTY OF ANY KIND, WHETHER EXPRESS OR IMPLIED, INCLUDING

BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A

PARTICULAR PURPOSE, AND NON-INFRINGEMENT.

http://www.microsoft.com/permission

Page 3 © Copyright 2015 Microsoft Corporation. All rights reserved.


Lab: Azure Pass Setup / Tenant Setup During this lab, you will setup your Microsoft Azure pass, a tenant for class, and create a

resource group using Azure Resource Manager using the new portal. You will also create

resources in your new tenant resource group using the new portal.

Estimated time to complete this lab: 30 minutes

Tip: When working in the lab environment, here are a couple of tips:

1. From the Display menu, go to full screen mode when working inside of a lab VM. This will reduce the amount of scrolling you do.

2. When logging on to a VM, use the shortcuts from the Commands menu to send Ctrl + Alt + Del to the VM, and to paste the Administrator password when Logging on.

If you have any questions on how to use these features, ask your instructor for help.

Page 4



Exercise 0: Azure Promo Code Redemption

Task 1: Create a new Windows Live ID and email address for class

Important: Only perform this exercise if you have not already redeemed an Azure pass for class. If you have already redeemed an Azure pass and setup an Azure account for class, then skip this exercise and use the Azure account you have already provisioned.

This exercise is included with all labs that require an Azure account to support the modular structure of the tech series. If you have any questions as to whether you need to perform this exercise, ask your instructor for guidance.

Note: Perform this task from within you student lab portal using VM: GE3-HOL-0001-GTWY

1. Logon to the student portal using the live ID you registered with for this class

2. Launch the GE3-HOL-0001 environment (cumulative lab environment for all Azure labs)

3. Log onto GE3-HOL-0001-GTWY using account Contoso\Administrator with password

Passw0rd!

Note: For a smoother lab experience, use full screen mode and password paste features of you lab client. If you have any problems accessing the student portal, ask your instructor for help

4. Open Internet Explorer and navigate to www.outlook.com

5. Click the link to Sign up now

http://www.outlook.com/



6. Create a new Outllook.com account with a unique ID starting with MBIZlab, for example

[email protected], fill in the First Name of MBIZ, a Last Name of LabXXXXXX

(make a unique string), and set a password. Document your password you will need it on

the next task.

7. Make a note of your Email address, and password. You will need this information later

8. Fill in the rest of your information and click Create Account

9. On the Welcome to inbox page, click Next to go to Inbox

10. Keep Internet Explorer open and stay logged on to Outlook.com as your new account

mailto:[email protected]

Page 6



Task 2: Redeem your Azure pass using a monetary promo code

1. Acquire your Azure Pass Promo code for class. It should be an alpha-numeric code and

look similar to this:

2. To redeem an Azure Pass promo code, open a new tab on the Internet Explorer session

you started in Task 1, and navigate to http://www.microsoftazurepass.com

3. Select your country and paste in your promo code then click Submit

4. Click Sign in

http://www.microsoftazurepass.com/



5. If the information does not populate, type in the account information you documented from

Task

6. Click Submit

7. Click Activate

8. Agree to the terms and conditions, enter a phone number, and click Sign up

Page 8



9. Once the account is provisioned, click Purchase (no charges or credit information is

needed).

10. Click Start Managing your Services and you will be redirected to the Azure Portal



Exercise 1: Azure Virtual Networks In this exercise, you will create a virtual network, DNS service, IP address space, virtual IP

address, and a point-to-site VPN, and deploy a VM to the tenant network.

Note: You may not use all virtual machines in every lab. This is a cumulative lab environment for all Azure labs to support the modular structure of the tech series.

Servers in this lab environment:

GE3-HOL-0001-DC1

GE3-HOL-0001-GTWY

GE3-HOL-0001-HV1

GE3-HOL-0001-SRV1

GE3-HOL-0001-CLI1

Important: Before logging on to Azure for the first time, set the time zone on your lab VMs to the local time zone otherwise you may encounter authentication issues logging onto the Azure portal due to time differences between local VM and the cloud services.

Task 1: Document your on-premise VPN gateway address


1. Document your VPN device IP Address:

Note: For this lab environment, the on premises VPN device is the WebNet interface on GE3-HOL-0001-GTWY. It is an internet facing routable IP address and will be used by Windows Server 2012 R2 Routing and Remote access as the VPN end point on-premises.

a. Connect to GE3-HOL-0001-GTWY. Your lab environment automatically logs

you on as Contoso\Administrator with password Passw0rd!

Page 10



Note: If you need to re-authenticate to any server during this lab, use the credentials: Contoso\Administrator with password Passw0rd!

b. Open Network and Sharing Center from the Systray and click Change

Adapter Settings

c. Right click on WebNet and click Status

d. Click Details

e. Document your IPv4 Address (IP Addresses will vary)



Task 2: Create an Azure Virtual Network using the new Azure Portal


More: When creating a virtual network in the new Azure Management portal, you can select either Classic Deployment or Resource Manager Deployment for the resource. In this lab, you will use classic deployment mode. This provides simpler process for setup and deployment over Resource Manager Deployment mode. However for service providers and organization which need to do large-scale deployments of many similar virtual networks with complex requirements, Resource Manager Deployment mode offer a more granular and repeatable deployment infrastructure. For more information on setup of Virtual Networks and connections using the Resource Manager model see the online Azure Documentation:

1. Open Internet Explorer and logon to the Azure Management Portal using the

credentials you are using for class. The new Azure Mangement Portal URL is

https://portal.Azure.com

https://portal.azure.com/

Page 12



2. Click New Networking Virtual Network

3. For Deployment Model, click Classic and click Create

4. Name the new virtual network Tenant1-VNET

5. During the VNET creation process, use the provisioning UI (Right Arrow) to create a

new Resource Group named Tenant1-RG and click OK in the Resource Group

creation window to create the new Resource group on the fly.

6. Take the default value on the subscription and select you geographical area then

click create



7. The new portal will bring you out to the Dashboard where you can monitor the

creation of the new VNET.

8. Wait for the VNET to finish provisioning

9. Once the VNET has finished provisioning, you'll see the tile active in the dashboard

and you'll see the task completed in the notification area

10. Stay logged onto the Azure Portal for the next task

Page 14



Task 3: Configure Address Space and Subnets Every VNET has at least one address space. This address space is for resources like VM's in

the VNET. The default configuration uses a 10.0.0.0 /16 range allocated for your VNET. Each

address space has to have at least one subnet for routing and isolation. If you plan you use a

site-to-site VPN or a Point-to-site VPN, you will need to setup a gateway and allocate a

subnet for the gateway.


1. After provisioning, you will see a summary pane with the essential information.

2. From the Settings pane on the right, click Properties. Notice that you can change

the Resource Group and Subscription, but cannot change the location. To change the

location, delete and re-create the VNET in the correct location.

3. From the Settings pane on the right, click Address Space. Notice that you have a

single address space to support up 65,536 address. From here, you can create new

address spaces as needed and use the new Connection object in Azure to route

between address spaces.



4. From the Settings pane on the right, click Subnets. Notice that you have a single

subnet with 251 usable addresses. You can create new subnets as needed to isolate

traffic. All subnets are routable by default.

5. Click Add + to create a new subnet for the S2S VPN Gateway

6. Name the new subnet GWSubnet and take the default range.

7. Click OK to create the new subnet. You can monitor the update to the VNET using

the notification area of the portal. Once the VNET is updated, you should see two

subnets:

Page 16



8. From the Settings pane on the right, click DNS Servers. Notice that you do not have

any custom DNS servers configured. This means that any host provisioned on this

network will use the Azure DNS infrastructure. Since this network will be used to

run Azure VMs that will authenticate the on-premises Active Directory (hybrid

cloud design), you will point to the on premises domain controller (DC1) for DNS.

This will be possible once the site-to-site VPN is up and running.

9. Type in 192.168.1.1 for custom DNS server IP address and click Save

10. Once settings are saved, stay logged on for the next task.

Task 4: Configure a Gateway and Site to Site VPN (Azure side) In order to support a hybrid cloud scenario, you will need to have some type of VPN (Point-

to-site, site-to-site, or ExpressNet) configured on the Azure side. In this exercise, you will

prepare the Azure side of the hybrid cloud by creating a gateway and site-to-site VPN end-

point.


1. If you're not already logged onto the Azure portal (https://portal.azure.com) then

logon using the credentials you're used for the previous tasks.

2. Either from the Resources property inside of the Tenant1-RG resource group or

from the All Resources section of the portal, bring up the settings for the Tenant1-

VNET.

https://portal.azure.com/



3. Click the grey box in the topology pane to get started created a site-to-site VPN

4. Verify that Site-to-Site is selected for connection type:

5. Click the right arrow next to local site. Local site refers to the address space and VPN

end-point on the on-premises side of the VPN. You will need the WebNet IP address

you documented earlier in the lab.

Page 18



6. Name the gateway VNET-gateway and set the IP address (on-premise, Internet

facing, VPN address) to the WebNet address you documented earlier in the lab.

Don’t use the address in the screenshot, use your address. Address will vary. For

the on-premises address space, use 192.168.1.1 /24. This will route any packets

destined for 192.168.1.1 - 192.168.1.254 to the VPN and ultimately the on-premises

environment.

7. Click OK to close the IP Address Settings window

8. Check the box to Provision the Gateway Now.

9. Click OK to provision the gateway.

This process will take about 30 minutes. Do not wait for the process to continue.

You will return to the second part of this lab later in the module. Your instructor will

spend the next 20-30 minutes delivering slides.

Documents

BLSL - SQL Server 2014€¦ · For a smoother lab experience, use full screen mode and password paste features of you lab client. If you have any problems accessing the student portal,