Scribd
Upload
4 views2 pages

Branch

The document outlines the steps to create a Branch Virtual Network (VNet) in Azure, including setting up a resource group, VNet, subnet, and Network Security Group (NSG). It also details the creation of a virtual machine (VM) within the VNet and establishes VNet peering between the Head Office and Branch VNet. The configuration ensures a non-overlapping IP range and allows SSH access for internal management.

Uploaded by

combined.firefly.mwzj
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
4 views2 pages

Branch

The document outlines the steps to create a Branch Virtual Network (VNet) in Azure, including setting up a resource group, VNet, subnet, and Network Security Group (NSG). It also details the creation of a virtual machine (VM) within the VNet and establishes VNet peering between the Head Office and Branch VNet. The configuration ensures a non-overlapping IP range and allows SSH access for internal management.

Uploaded by

combined.firefly.mwzj
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 2

# Variables for Branch VNet

BRANCH_RESOURCE_GROUP="rg_sb_eastus_64792_1_173758583281"
BRANCH_LOCATION="westus"
BRANCH_VNET_NAME="BranchVNet"
BRANCH_SUBNET_NAME="BranchSubnet"
BRANCH_VM_NAME="BranchVM"
BRANCH_NSG_NAME="BranchNSG"

# Create the Branch VNet with a non-overlapping IP range (192.168.0.0/16) and one
subnet
az network vnet create \
--resource-group $BRANCH_RESOURCE_GROUP \
--location $BRANCH_LOCATION \
--name $BRANCH_VNET_NAME \
--address-prefixes 192.168.0.0/16 \
--subnet-name $BRANCH_SUBNET_NAME \
--subnet-prefixes 192.168.1.0/24

# Create a Network Security Group (NSG) for the Branch Subnet


az network nsg create \
--resource-group $BRANCH_RESOURCE_GROUP \
--name $BRANCH_NSG_NAME

# Allow SSH in the Branch NSG (optional, for internal access)


az network nsg rule create \
--resource-group $BRANCH_RESOURCE_GROUP \
--nsg-name $BRANCH_NSG_NAME \
--name AllowSSH \
--priority 1000 \
--access Allow \
--protocol Tcp \
--direction Inbound \
--source-address-prefix '*' \
--source-port-range '*' \
--destination-address-prefix '*' \
--destination-port-range 22

# Associate the NSG with the Branch Subnet


az network vnet subnet update \
--resource-group $BRANCH_RESOURCE_GROUP \
--vnet-name $BRANCH_VNET_NAME \
--name $BRANCH_SUBNET_NAME \
--network-security-group $BRANCH_NSG_NAME

# Create a VM in the Branch VNet without a public IP, using the default Standard
SSD
az vm create \
--resource-group $BRANCH_RESOURCE_GROUP \
--name $BRANCH_VM_NAME \
--size $VM_SIZE \
--image $IMAGE \
--admin-username $ADMIN_USERNAME \
--admin-password $ADMIN_PASSWORD \
--authentication-type password \
--subnet $BRANCH_SUBNET_NAME \
--vnet-name $BRANCH_VNET_NAME \
--public-ip-address "" \
--location $BRANCH_LOCATION \
--storage-sku StandardSSD_LRS \
--no-wait

# VNet Peering between HeadOffice (East US) and Branch VNet (West US)
az network vnet peering create \
--resource-group rg_sb_eastus_64792_1_173758583281 \
--name HeadOfficeToBranch \
--vnet-name HeadOffice \
--remote-vnet $(az network vnet show --resource-group
rg_sb_eastus_64792_1_173758583281 --name $BRANCH_VNET_NAME --query id -o tsv) \
--allow-vnet-access

az network vnet peering create \


--resource-group $BRANCH_RESOURCE_GROUP \
--name BranchToHeadOffice \
--vnet-name $BRANCH_VNET_NAME \
--remote-vnet HeadOffice \
--allow-vnet-access

You might also like