About Virtual Network Settings in the Management Portal

Updated: October 14, 2014

You have two options for creating and configuring a virtual network. You can either configure your network manually by using a network configuration file, or you can configure your virtual network by using the Management Portal. The first time you create a virtual network in Azure, we recommend using the Custom Create wizard in the Management Portal. This wizard creates a network configuration file (.xml) for your virtual network. After you create your first virtual network via the Management Portal, you can then export the .xml configuration file and use it as a template for creating additional virtual networks. For information about manually creating a virtual network, see Configure a Virtual Network Using a Network Configuration File.

The following sections provide details for the information you will enter on each screen in the Management Portal’s Custom Create wizard for virtual networks.
In the Custom Create wizard, you will fill out some or all of the following pages, depending on your configuration choices:

  • Virtual Network Details page

  • DNS Servers and VPN Connectivity page

  • Point-To-Site Connectivity page

  • Site-To-Site Connectivity page

  • Virtual Network Address Spaces page

On the Virtual Network Details page, you will create a name for your virtual network and assign it to a region.

  • NAME: The name of your virtual network.

    Naming rules:

    • Names must be unique within an Azure subscription.

    • Names must start with a letter or number, and must contain only letters, numbers, or dashes. Spaces are not allowed.

    • Name cannot be changed after the virtual network is deployed.

    • Required

  • Location: The region you want to assign your virtual network to. Regions represent the geographic area of the data center that stores your virtual network. For best performance, select a region close to where your users are located. Note: While it was previously the practice to associate a virtual network with an affinity group (the affinity group was assigned directly to the region), we now assign virtual networks to regions.

    Region rules:

    • Cannot be changed

    • Required

On the DNS Servers and VPN Connectivity page, you will specify the IP address of the DNS server(s) to use for name resolution, as well as specify the type of connectivity that you want your virtual network to have.

  • DNS SERVERS: The DNS Server(s) you want the virtual network to use. You can select an existing DNS Server that you have previously registered from the dropdown, or you can register a new DNS server. Note that you do not create a DNS server on this page, but rather reference a DNS server that already exists that you want to point to for name resolution. If you do not specify a DNS Server, Azure will use its own default DNS service. If you elect to use the Azure default DNS service, you will not be able to resolve hostnames cross-premises.
    DNS servers can be changed after your VPN has been created. However, if you have deployed virtual machines to the VPN, you must reboot them in order for them to point to the new DNS server. It is important to identify your name resolution requirements before you create your VPN if you want to create a cross-premises solution. For more information to help with this planning, see Name Resolution (DNS).

    DNS Server rules:

    • Names must start with a letter or number, and must contain only letters, numbers, or dashes. Spaces are not allowed.

    • Names must be unique within an Azure subscription.

    • You can add up to nine DNS servers.

    • Only IPv4 addresses are permitted.

    • Required if you want to connect to your company’s DNS server or a public DNS server.

  • Point-To-Site Connectivity: If you want to configure on-premises client computers to connect to your virtual network and access resources by using VPN software and certificates, select this option.

  • Site-To-Site Connectivity: If you want to configure a secure site-to-site cross-premises connection using a VPN device, select this option. When you select this option, you can select the name of a Local Network that you have already configured that specifies the IP address ranges that exist on your on-premises location. The IP address ranges listed will be sent through the virtual network gateway.
    If you haven’t yet configured your Local Network settings, select Specify a New Local Network from the Local Network dropdown.

  • Use ExpressRoute appears only if you have selected Configure a site-to-site VPN. Select this option only if you want to set up an ExpressRoute connection. See ExpressRoute Technical Overview for more information.

The Point-To-Site Connectivity page appears only if you selected Configure Point-To-Site VPN on the DNS and VPN Connectivity Screen. On this screen, you will specify the information that will configure the address space to be used for your point-to-site connection.

  • ADDRESS SPACE: The address space that you want to assign to cross-premises clients connecting through a point-to-site connection. Click to configure and adjust the address space accordingly. Click add address space to add additional address space.

    Address space rules:

    • Address space must be private

    • Address space must be a private address range, specified in CIDR notation 10.0.0.0/8, 172.16.0.0/12, or 192.168.0.0/16 (as specified by RFC 1918). Note that the following routes will be added to the client, respectively, for directing traffic from the local machine to the virtual network: 10.0.0.0/255.0.0.0, 172.16.0.0/255.255.0.0, or 192.168.0.0/255.255.255.0. This means that, for example, you may not be able to contact other 10.0.0.0/8 addresses on your local subnet.

    • Cannot overlap other virtual network or local network sites

    • Required if you have selected to configure point-to-site connectivity

    • For more information about point-to-site connections, see Point-to-site.

The Site-To-Site Connectivity page appears only if you selected Specify a New Local Network for your Site to Site VPN on the DNS and VPN Connectivity Screen. On this screen, you’ll specify the Name of your Local Network site (the friendly name that you want to use) and the VPN Device IP Address (externally facing IP address that is not behind NAT). These will be used to set up your VPN connection. You’ll also list the address range(s) that you want to send through the virtual network gateway that you will be creating for this connection. You will need to specify each range that you want to send through the gateway to allow it to be routed to your local network. The ranges that you specify here will appear on the Local Networks page after the configuration is complete. You can add and remove ranges later on the Local Networks page in the portal.

  • NAME: The name that you want to use to refer to your local network site.

  • VPN DEVICE IP ADDRESS: This is the public-facing IPv4 address for your VPN device. Note that the VPN device cannot be located behind a NAT.

  • ADDRESS SPACE: The address ranges that you want Azure to send through the gateway to your local network. Click to configure and adjust the address space accordingly. Click add address space to add additional address space.

    Address space rules:

    • Cannot overlap other virtual network or local network sites

    • Required if you have selected to configure site-to-site connectivity

  • For more information about site-to-site connections, see Site-to-site.

On the Virtual Network Address Spaces page, you will create the private address space for your new virtual network.

  • ADDRESS SPACE: The address space for your virtual network. Click to configure and adjust the address space accordingly. Click add address space to add additional address space.

    Address space rules:

    • Address space must be private

    • Address space must be a private address range, specified in CIDR notation 10.0.0.0/8, 172.16.0.0/12, or 192.168.0.0/16 (as specified by RFC 1918)

    • Cannot overlap other virtual network or local network sites

    • Required

  • add subnet: The names and IPs for subnets to be created in your virtual network. Click add subnet to add additional subnets.

    Subnet rules:

    • Subnet IPs must be within the virtual network address space.

    • You can add multiple subnets to a virtual network.

    • Subnet IP addresses cannot overlap within the virtual network.

    • The smallest supported subnet is /29.

    • Adding a subnet is optional.

  • add gateway subnet: Specify the IP addresses to be used for your virtual network gateway subnet. You can add one gateway subnet for your virtual network.
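
The naming, DNS server, address space and subnet rules listed on these pages can be checked against a planned layout before the values are typed into the wizard. The following is an added example, not Microsoft's code: the plan dictionary and its key names are assumptions made for illustration, `other_sites` stands for the ranges of your other virtual networks and local network sites, and uniqueness within the subscription is not checked because it cannot be verified offline.

```python
import ipaddress
import re

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
NAME_RE = re.compile(r"[A-Za-z0-9][A-Za-z0-9-]*")  # letter/number first, then letters, numbers, dashes


def validate_plan(plan):
    """Return the rule violations for a planned virtual network (empty list if none)."""
    errors = []
    if not NAME_RE.fullmatch(plan["name"]):
        errors.append(f"name {plan['name']!r}: only letters, numbers and dashes allowed")
    # ip_network() raises ValueError on malformed CIDR or when host bits are set.
    spaces = [ipaddress.ip_network(s) for s in plan["address_spaces"]]
    others = [ipaddress.ip_network(s) for s in plan.get("other_sites", [])]
    for sp in spaces:
        if sp.version != 4 or not any(sp.subnet_of(p) for p in RFC1918):
            errors.append(f"address space {sp}: not inside an RFC 1918 range")
        errors += [f"address space {sp}: overlaps existing site {o}" for o in others if sp.overlaps(o)]
    subnets = [(n, ipaddress.ip_network(c)) for n, c in plan.get("subnets", {}).items()]
    for i, (name, net) in enumerate(subnets):
        if not any(net.version == sp.version and net.subnet_of(sp) for sp in spaces):
            errors.append(f"subnet {name} {net}: outside the virtual network address space")
        if net.prefixlen > 29:
            errors.append(f"subnet {name} {net}: smaller than /29")
        errors += [f"subnet {name} {net}: overlaps subnet {n2} {o}"
                   for n2, o in subnets[i + 1:] if net.overlaps(o)]
    dns = plan.get("dns_servers", {})
    if len(dns) > 9:
        errors.append("more than nine DNS servers")
    for name, addr in dns.items():
        if not NAME_RE.fullmatch(name):
            errors.append(f"DNS server name {name!r}: only letters, numbers and dashes allowed")
        try:
            ipaddress.IPv4Address(addr)
        except ValueError:
            errors.append(f"DNS server {name} {addr}: not an IPv4 address")
    return errors


# Constructed sample plan; every name and range here is illustrative.
SAMPLE_PLAN = {
    "name": "corp vnet",                                # space in the name
    "address_spaces": ["10.1.0.0/16", "11.0.0.0/16"],   # second range is not private
    "other_sites": ["10.1.128.0/17"],                   # existing local network site
    "subnets": {"frontend": "10.1.0.0/24", "backend": "10.1.0.128/25",
                "tiny": "10.1.1.0/30", "stray": "10.2.0.0/24"},
    "dns_servers": {"dns1": "10.1.0.4", "dns6": "fd00::53"},
}

if __name__ == "__main__":
    for problem in validate_plan(SAMPLE_PLAN):
        print(problem)
```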

© 2014 Microsoft