By Kevin Remde
January 19, 2013 09:00 AM EST
His article and guide was so good, in fact, that I am going to attempt to do the very same task – to create and configure a network in Windows Azure; but instead of using the Windows Azure portal, we’re going to do it entirely using PowerShell and some special Windows Azure Management Cmdlets.
“Are you out of your mind?”
Perhaps. The goal, as it was in Bob’s article, is that in the end we have a network configured and ready to securely connect to (and extend) our existing on-premises network. From Bob’s introduction:
Before we get started, it’s important to set the stage of what we’re trying to accomplish. The Windows Azure Virtual Network you are about to create establishes a Site to Site (S2S) VPN between your company’s network and the Windows Azure Cloud Service using the steps outlined below, and requires that you have an already installed VPN device on your premise. The list of currently supported VPN devices is located here. Windows Azure currently supports up to 5 S2S VPN tunnels, allowing you to have multiple Virtual Networks hosted in Windows Azure, such as a Test Network and a Production Network.
Set up PowerShell
To make this happen, of course, we’re going to have to have done a couple of things in advance:
- Get a Windows Azure account (start with the free 90-day trial),
- Get the Windows Azure PowerShell tools, and
- Follow some simple instructions to set up the secured connection for Windows Azure management.
Once you have this done, open up your Windows Azure PowerShell window, and open up Notepad.
The .netcfg File
For configuring networking in Windows Azure using PowerShell, there are only two Set-AzureVNet commands:
- Set-AzureVNetConfig
- Set-AzureVNetGateway
There are Get-AzureVNet… commands that retrieve information (and objects), but for actually creating and configuring the networking, you’re going to be using an XML formatted document that has (by default) a .netcfg extension, and then using Set-AzureVNetConfig to upload that file. And then we use New-AzureVNetGateway and Set-AzureVNetGateway to configure and connect the gateway.
Again, in Bob’s article, we created a network. So as a starting point for creating the network using PowerShell, I’m going to use Get-AzureVNetConfig to retrieve his configuration into a .netcfg file.
Get-AzureVNetConfig -ExportToFile C:\Users\kevrem\Desktop\MyAzureNetworks.netcfg
And the resulting file looks something like this:
<?xml version="1.0" encoding="utf-8"?>
<NetworkConfiguration xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://schemas.microsoft.com/ServiceHosting/2011/07/NetworkConfiguration">
<DnsServer name="YourDNS" IPAddress="10.1.0.4" />
<VirtualNetworkSite name="YourVirtualNetwork" AffinityGroup="KevRemWestUS">
<DnsServerRef name="YourDNS" />
<LocalNetworkSiteRef name="YourCorpHQ" />
Go ahead and copy/paste the above text into Notepad, and save it as a file named MyAzureNetworks.netcfg.
Now please note the highlighted portions. Those are unique for your account. You’ll need to put your own public VPN gateway address, and use your own pre-created affinity group.
Also note the bold text. These are the items that you customize. Put your own names and desired addresses in there, such as your DNS Server name and address. Remove or add <Subnet> </Subnet> sections, or <Subnets>.
But once you have that information, you should be able to use this file with the Set-AzureVNetConfig PowerShell cmdlet to create the same network and subnets. If you’ve saved the file (let’s say to the root of your C:\ drive), and you have the Windows Azure PowerShell window open and connected..
“How do I know it’s connected?”
Try this PowerShell command:
This should return some details on your connected subscription.
Anyway, once that’s verified, and as a first test of creating a network using PowerShell, run this:
Set-AzureVNetConfig -ConfigurationPath C:\MyAzureNetworks.netcfg
This should report success.
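A pre-upload check for the .netcfg file, as an added example that is not from the original article: it verifies that every DnsServerRef and LocalNetworkSiteRef names an element defined in the file, and that the VPN gateway address is public as the article requires. The sample document is constructed with two deliberate mistakes; its element nesting and the LocalNetworkSite and VPNGatewayAddress element names are assumptions about the schema, and Test-NetCfg is a hypothetical helper.

```powershell
# Constructed sample: names follow the article, addresses and nesting are placeholders.
# It deliberately contains a mistyped site reference and a private gateway address.
$sample = [xml]@'
<NetworkConfiguration xmlns="http://schemas.microsoft.com/ServiceHosting/2011/07/NetworkConfiguration">
  <VirtualNetworkConfiguration>
    <Dns><DnsServers><DnsServer name="YourDNS" IPAddress="10.1.0.4" /></DnsServers></Dns>
    <LocalNetworkSites>
      <LocalNetworkSite name="YourCorpHQ">
        <AddressSpace><AddressPrefix>192.168.0.0/24</AddressPrefix></AddressSpace>
        <VPNGatewayAddress>192.168.0.1</VPNGatewayAddress>
      </LocalNetworkSite>
    </LocalNetworkSites>
    <VirtualNetworkSites>
      <VirtualNetworkSite name="YourVirtualNetwork" AffinityGroup="KevRemWestUS">
        <AddressSpace><AddressPrefix>10.1.0.0/16</AddressPrefix></AddressSpace>
        <DnsServersRef><DnsServerRef name="YourDNS" /></DnsServersRef>
        <Gateway><ConnectionsToLocalNetwork>
          <LocalNetworkSiteRef name="YourCorpHQ-Typo" />
        </ConnectionsToLocalNetwork></Gateway>
      </VirtualNetworkSite>
    </VirtualNetworkSites>
  </VirtualNetworkConfiguration>
</NetworkConfiguration>
'@

function Test-NetCfg {
    param([xml]$Doc)
    # Collect the name attribute of every element with the given local name.
    $names = { param($tag) @($Doc.SelectNodes("//*[local-name()='$tag']") |
                              ForEach-Object { $_.GetAttribute('name') }) }
    $problems = @()
    # Every *Ref element must point at an element that is defined in the file.
    foreach ($pair in @(@('DnsServerRef', 'DnsServer'), @('LocalNetworkSiteRef', 'LocalNetworkSite'))) {
        $defined = & $names $pair[1]
        foreach ($ref in (& $names $pair[0])) {
            if ($defined -cnotcontains $ref) { $problems += "$($pair[0]) '$ref' has no matching $($pair[1])" }
        }
    }
    # The article calls for a public VPN gateway address, so flag RFC 1918 space.
    foreach ($gw in $Doc.SelectNodes("//*[local-name()='VPNGatewayAddress']")) {
        $b = [System.Net.IPAddress]::Parse($gw.InnerText.Trim()).GetAddressBytes()
        $private = ($b[0] -eq 10) -or ($b[0] -eq 172 -and $b[1] -ge 16 -and $b[1] -le 31) -or
                   ($b[0] -eq 192 -and $b[1] -eq 168)
        if ($private) { $problems += "VPNGatewayAddress $($gw.InnerText.Trim()) is a private address" }
    }
    $problems
}

$findings = @(Test-NetCfg $sample)
$findings
```

To check a real file, pass `[xml](Get-Content C:\MyAzureNetworks.netcfg)` instead of `$sample` and upload only when no findings come back.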
Now open up the Windows Azure Portal, log in, and click on the Networks tab. Do you see something like this?
“Yes, I do!”
Good job! Click on the Local Networks, DNS Servers, and Affinity Groups tabs. You should see the values assigned and items created that match what you configured.
Back in Virtual Networks… Clicking on the network name and opening up the network details should look something like this:
Do you see the problem? We haven’t yet created and enabled the gateway. We can do that with PowerShell, too.
Create the Gateway
To do this, we’ll use the New-AzureVNetGateway command, and specify the name we used for our Azure Network. The command for our example looks like this:
New-AzureVNetGateway -VNetName "YourVirtualNetwork"
Once you run that, if you refresh the Windows Azure Portal screen, you’ll see this:
The creation of the gateway may take as long as 15 minutes. You can also check the status of this creation by using the Get-AzureVNetGateway cmdlet.
In fact, you can see from my result in PowerShell that my gateway creation has completed, and my gateway address assigned. Now the Windows Azure Portal looks like this:
But we still have one more thing to accomplish. We haven’t yet connected our Azure network to our corporate network.
Connect the Gateway
This is also very simple: Set-AzureVNetGateway is the cmdlet we’ll use.
Set-AzureVNetGateway -Connect -LocalNetworkSiteName "YourCorpHQ" -VNetName "YourVirtualNetwork"
Which shows up on the Windows Azure Portal like this:
Of course, it’s not going to succeed in connecting until we actually have something to connect to on the corporate side. As you’ll recall, there are specific VPN endpoint devices that are supported on the corporate side, and to configure them you can use the Windows Azure Portal to download the Configuration as well as the Shared Key.
“But.. can you do that with PowerShell, too?”
Absolutely. Well, two out of three, anyway…
Get the Gateway IP Address and Shared Key
There are three things you’ll need to configure the VPN device on your corporate side:
- The Gateway IP Address
- The Shared Key, and
- A Device Configuration Script
You can use the Get-AzureVNetGateway cmdlet to find the Gateway IP Address:
Get-AzureVNetGateway -VNetName YourVirtualNetwork
To get the shared key, use the Get-AzureVNetGatewayKey cmdlet:
Get-AzureVNetGatewayKey -LocalNetworkSiteName YourCorpHQ -VNetName YourVirtualNetwork
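The gateway steps above chained into one script, as an added example that is not from the original article: it waits for provisioning with a timeout, connects, and writes the shared key to a DPAPI-protected file instead of the console. The State, VIPAddress and Value property names and the 'Provisioned' state value are assumptions about the cmdlet output, and the output path is a placeholder.

```powershell
$vnet = 'YourVirtualNetwork'
$site = 'YourCorpHQ'
$deadline = (Get-Date).AddMinutes(30)

# Poll until the gateway is provisioned (the article notes this can take 15 minutes).
while ($true) {
    $gw = Get-AzureVNetGateway -VNetName $vnet
    if ($gw.State -eq 'Provisioned') { break }            # assumed property and value
    if ((Get-Date) -gt $deadline) {
        throw "Gateway for $vnet is still '$($gw.State)' after 30 minutes"
    }
    Start-Sleep -Seconds 60
}

Set-AzureVNetGateway -Connect -LocalNetworkSiteName $site -VNetName $vnet | Out-Null

# Fetch the pre-shared key and keep it out of console output and transcripts.
$psk = (Get-AzureVNetGatewayKey -LocalNetworkSiteName $site -VNetName $vnet).Value   # assumed property
$out = Join-Path $env:USERPROFILE 'azure-s2s-psk.dpapi'   # placeholder path
ConvertTo-SecureString $psk -AsPlainText -Force |
    ConvertFrom-SecureString |                            # DPAPI: current user, this machine
    Set-Content -Path $out
Remove-Variable psk

"Gateway IP address: $($gw.VIPAddress)"                   # assumed property
"Shared key written (DPAPI-protected) to $out"
```

Only the same Windows user on the same machine can decrypt that file, so pass the key to the VPN administrator through a secrets channel instead of copying the file.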
To get a script that will automatically configure your device, you’ll still want to use the Windows Azure Portal. Down at the bottom of the page while looking at your network dashboard, you’ll see the “Download” button:
Click that, and then walk through the wizard to select your device type and version information.
The result will be a script that can be used by your VPN / Network administrator to configure the device. You can get the VPN configuration script from the Management Portal or from the About VPN Devices for Virtual Network section of the MSDN library. For more information, see Establish a Site-to-Site VPN Connection and your VPN device documentation.
The remainder of this article is “borrowed” directly from the end of Bob Hunt’s excellent article:
The procedure assumes the following:
The VPN device has been configured at your company.
To configure the VPN device:
1. Modify the VPN configuration script. You will configure the following:
   a. Security policies
   b. Incoming tunnel
   c. Outgoing tunnel
2. Run the modified VPN configuration script to configure your VPN device.
3. Test your connection by running one of the following commands:
Check main mode SAs
show crypto isakmp sa
show crypto isakmp sa
get ike cookie
show security ike security-association
Check quick mode SAs
show crypto ipsec sa
show crypto ipsec sa
show security ipsec security-association
Once the Virtual Network tests out, you’re ready to go. Enjoy!
Thanks, Bob. I think we will!