Posts

Showing posts from September, 2020

Configure Point-to-Site Connection

The next step of this configuration is to configure the point-to-site connection. Here we also define the client IP address pool, which is used by the VPN clients.

1. Click on the newly created VPN gateway connection. Then, in the new window, click on Point-to-site configuration.
2. After that, click on Configure Now.
3. In the new window, type the IP address range for the VPN address pool. In this demo I will be using 172.16.25.0/24.
4. For tunnel type, use both SSTP & IKEv2. Linux and other mobile clients use IKEv2 by default to connect. Windows also uses IKEv2 first and then tries SSTP.
5. For authentication type, use Azure Certificates.
6. In the same window there is a place to define the root certificate. Under root certificate name, type the cert name, and under public certificate data, paste the root certificate data (you can open the cert in Notepad to get the data).
7. Then click on Save to complete the process.

Note: when you paste certificate data, do not copy -----BEGIN CERTIFI

Generate a self-signed root certificate

Create a self-signed root certificate

Use the New-SelfSignedCertificate cmdlet to create a self-signed root certificate. For additional parameter information, see New-SelfSignedCertificate.

1. From a computer running Windows 10 or Windows Server 2016, open a Windows PowerShell console with admin privileges.
2. Use the following example to create the self-signed root certificate.

    $cert = New-SelfSignedCertificate -Type Custom -KeySpec Signature `
    -Subject "CN=P2SRootCert" -KeyExportPolicy Exportable `
    -HashAlgorithm sha256 -KeyLength 2048 `
    -CertStoreLocation "Cert:\CurrentUser\My" -KeyUsageProperty Sign -KeyUsage CertSign

3. Leave the PowerShell console open if you want to create a client certificate right after creating this root certificate.

Generate a client certificate

Each client computer that connects to a VNet using Point-to-Site must have a client certificate installed. You generate a client certificate from the self-signed root certi

Configure a Point-to-Site VPN connection

You can use the following values to create a test environment, or refer to these values to better understand the examples in this article:

VNet Name: VNet1
Address space: 10.1.0.0/16 (For this example, we use only one address space. You can have more than one address space for your VNet.)
Subnet name: FrontEnd
Subnet address range: 10.1.0.0/24
Subscription: If you have more than one subscription, verify that you are using the correct one.
Resource Group: TestRG1
Location: East US
GatewaySubnet: 10.1.255.0/27
Virtual network gateway name: VNet1GW
Gateway type: VPN
VPN type: Route-based
Public IP address name: VNet1GWpip
Connection type: Point-to-site
Client address pool: 172.16.201.0/24 (VPN clients that connect to the VNet using this Point-to-Site connection receive an IP address from the client address pool.)

Microsoft Azure networking services

Networking is a critical component of any cloud infrastructure. IT teams need to connect resources and optimize application performance, all of which depends on solid network architecture.

Azure Virtual Network (VNet): An Azure VNet is an isolated network within the Azure cloud that enables enterprises to securely connect cloud resources, such as VMs. Enterprises can create multiple VNets within an Azure subscription or region.

Azure Load Balancer: Azure Load Balancer is a Layer 4 load balancer designed to ensure high availability. IT teams can configure the service to perform internet-facing load balancing, which balances incoming traffic from the internet among Azure VMs, as well as internal load balancing, which manages traffic among VMs in a VPN.

Azure Application Gateway: Azure Application Gateway is an application delivery controller service that offers Layer 7 load balancing. Its features include HTTP load balancing, URL-based content routing and multisite routing.

Azure VPN

How do I Create an Azure Storage Account?

These are step-by-step instructions to create an Azure Storage Account using the legacy Azure Portal:

1. Visit https://manage.windowsazure.com
2. Go to Storage.
3. Click New.
4. Select Storage > Quick Create.
5. Choose a URL for the storage.
6. Select the location of the storage.
7. In the Replication field, select Geo-Redundant.
8. Click Create Storage Account.

Now the storage account appears in the storage list.

These are step-by-step instructions to create an Azure Storage Account using the new Azure Portal:

1. Visit https://portal.azure.com
2. Click New.
3. Select Storage > Storage account.
4. Enter a name for your storage account.
5. Choose Resource manager for the Deployment model.
6. Choose Blob storage for the Account kind. Note: If you are using the v2 endpoint for a document migration, you need to select STORAGEV2 (general purpose v2).
7. In the Replication field, select Read-access geo-redundant storage (RA-GRS).
8. Select the sub