This post is part of a series of deep dive session into different modules within Azure Infrastructure as a Service offering. This post covers the Azure IAAS Module: Network, its deployment steps and configuration.

Some basic features that we would be looking at implementing within our Azure Network Layer:

  1. DNS Server and its IP for the VM’s to relay DNS queries to.
  2. VPN – Would you be implementing Point to Site VPN or Site to Site VPN
  3. Location – Which Datacentre within the Azure platform would the Virtual Machines be deployed to
  4. Virtual Network Address Space – This is the key component that needs a lot of planning beforehand.


What needs to be done first?

Work on the Virtual Network Address Space. For example if the platform is being deployed to host a SharePoint platform, then define the IP address range for all the servers that would become part of the farm. This includes all the Domain Controllers, SQL Servers, SharePoint servers etc.

For the sake of this post, the network that is being created will be to deploy a complete SharePoint farm which would include:

  1. 2 Domain Controllers
  2. 2 SQL Servers
  3. 2 SharePoint Servers
  4. Point to Site VPN for the SharePoint developers to connect directly to the SharePoint servers.


Steps Involved:

  1. Log onto the Azure Management Portal and browse to the Network Module

  2. Click on Create a Virtual Network
  3. Give a name for the network but make sure, that the location for the network is the Azure Datacentre that the Virtual Machines would be deployed onto.

    Tip: If you plan the network address, subnets for the different components the next few sections will be a breeze.


  4. Based on the network space decisions, fill out the DNS Servers, in this case 2 domain controllers and also choose the Point to Site VPN option to connect to the servers via VPN as opposed to RDP via their Public IP.

  5. If a VPN option has been chosen within the previous page, then get ready to choose the IP range that is allocated to the machines when they connect to the Azure Network via VPN. This example shows that any external user/machine that connects to this Azure Network would be allocated an IP from the space. As per the CIDR, around 254 IP addresses can be used from this pool. This can be increased by changing the CIDR.

  6. On the next screen, remember to modify the Starting IP to the one that has been planned to be used. Also make sure to change the Address count to meet all the IP Addresses that would be required from this platform. In this example, the Starting IP is with a /16 giving this platform around 65k usable IP’s (note: some can’t be used as it would be required to be reserved for the Gateway Subnet). Once that is done, go ahead and create the various subnets that would contain the VM’s. For this example, 3 subnets where created, 1 for the Domain Controller, 1 for the SQL servers and another 1 for the SharePoint servers.


  7. Before clicking next, add a Gateway Subnet. If not chosen, the following error would be displayed promoting for one to be created:

  8. And we are away

Backup Backup Backup your network Configuration

So how do we back these settings up? Look towards the bottom of the screen that displays these two Icons and click on the Export Option and choose to save the XML file that has been generated

The exported XML File


Save this file somewhere else as well, since this XML file can be used to do all the manual steps that we completed above to be deployed via PowerShell.


Deploying Azure Network via PowerShell

First and foremost, let’s delete the Azure Network that was deployed using the Portal Wizard before redeploying this network configuration using PowerShell.

#Code to Create a new Azure Network based on Pre-Configured Network Configuration File


# 1. Select the Azure Subscription
Select-AzureSubscription $AzureSubscription
"$AzureSubscription has been selected"

# 2. Deploying Network Configuration
Set-AzureVNetConfig -ConfigurationPath $NetworkConfigurationFilePath

Deployment Window

On the Management Portal


To create the Point to Site VPN steps head over to this link which is part of the series that explains how to deploy SharePoint development servers within Azure on the fly.

Create Point to Site VPN