How to create Azure virtual network, Configure Subnets, Create Public and Private IP Address and Assign it to VNet

Creating an Azure Virtual Network (VNet), configuring subnets, and assigning public and private IP addresses involves several steps.

I'll walk you through the process of creating these resources using both the Azure Portal and Azure CLI (Command-Line Interface).

I'll also include a brief explanation of each step and the corresponding configuration.

Steps to Create an Azure Virtual Network, Configure Subnets, and Assign IP Addresses

Step 1: Create an Azure Virtual Network (VNet)

Using Azure Portal:

1. Navigate to the Azure Portal.

2. Search for 'Virtual Network' in the search bar at the top.

3. Click on 'Create'.

4. Enter the necessary details:

   • Subscription: Select the subscription where you want to create the VNet.

   • Resource Group: Create a new resource group or select an existing one.

   • Region: Choose the region where you want to create the VNet (e.g., East US, West Europe).

   • Name: Provide a name for your Virtual Network (e.g., MyVNet).

   • Address space: Define the CIDR address range (e.g., 10.0.0.0/16), which will be the address pool for the VNet.

5. Click 'Next' through the remaining tabs (Subnets, Security, etc.) to configure other settings or leave the defaults.

6. Review and create: Click Create after reviewing your configuration.

Using Azure CLI:

xxxxxxxxxx
5
1
az network vnet create \
2
  --resource-group MyResourceGroup \
3
  --name MyVNet \
4
  --address-prefix 10.0.0.0/16 \
5
  --location eastus

This command will create a VNet named MyVNet with the address range 10.0.0.0/16 in the eastus region.

Step 2: Configure Subnets for the VNet

Using Azure Portal:

1. Go to the VNet you created.

2. In the VNet dashboard, under Settings, click on Subnets.

3. Click '+ Subnet' to create a new subnet.

   • Name: Name the subnet (e.g., WebSubnet for a web tier).

   • Address range: Define the subnet's IP range (e.g., 10.0.1.0/24).

   • Network Security Group (NSG): Optionally, you can associate an NSG here to control traffic to/from this subnet.

   • Route table: Optionally, associate a route table if you need custom routing.

4. Click Add to create the subnet.

5. Repeat for any additional subnets (e.g., AppSubnet, DBSubnet).

Using Azure CLI:

xxxxxxxxxx
11
1
az network vnet subnet create \
2
  --resource-group MyResourceGroup \
3
  --vnet-name MyVNet \
4
  --name WebSubnet \
5
  --address-prefix 10.0.1.0/24
6

7
az network vnet subnet create \
8
  --resource-group MyResourceGroup \
9
  --vnet-name MyVNet \
10
  --name AppSubnet \
11
  --address-prefix 10.0.2.0/24

This will create two subnets, WebSubnet and AppSubnet, in the VNet MyVNet with the specified address ranges.

Step 3: Create Public IP Address

A Public IP Address is typically used for resources like Load Balancers, Virtual Machines, or VPN Gateways that need to be accessible from the public internet.

Using Azure Portal:

1. In the Azure Portal, search for Public IP addresses.

2. Click Create.

3. Enter the required information:

   • Subscription: Select your subscription.

   • Resource Group: Select the resource group.

   • Name: Provide a name for the Public IP address (e.g., MyPublicIP).

   • SKU: Choose Basic or Standard based on your requirements.

     • For production environments, Standard is recommended.

   • IP Version: Choose IPv4 or IPv6 based on your needs.

   • IP Assignment: Choose Dynamic (default) or Static (if you need a fixed public IP).

4. Click 'Review + Create' and then Create.

Using Azure CLI:

xxxxxxxxxx
5
1
az network public-ip create \
2
  --resource-group MyResourceGroup \
3
  --name MyPublicIP \
4
  --allocation-method Static \
5
  --sku Standard

This command creates a Static Public IP named MyPublicIP in the MyResourceGroup with a Standard SKU.

Step 4: Create Private IP Address

Private IP addresses are assigned to resources within the VNet for internal communication and are not accessible from the public internet.

Using Azure Portal:

1. When you create resources (e.g., Virtual Machines, App Services), you can assign a private IP address during the resource creation process.

2. Navigate to Virtual Machine creation or any other service that requires a private IP.

3. During the network configuration step, you can select Private IP for the NIC (Network Interface).

4. You can choose to assign a dynamic or static private IP based on your needs.

   • Dynamic is the default.

   • Static is recommended if you need a fixed IP for services like databases.

Using Azure CLI:

xxxxxxxxxx
5
1
az network nic ip-config update \
2
  --resource-group MyResourceGroup \
3
  --nic-name MyVMNic \
4
  --name ipconfig1 \
5
  --private-ip-address 10.0.1.4

This command will assign a static private IP address (10.0.1.4) to the NIC (MyVMNic) in MyResourceGroup.

Step 5: Assign Public IP to a Resource (VM Example)

Using Azure Portal:

1. After creating the Public IP, navigate to Virtual Machines and select your VM.

2. Under Networking, click on Network Interface associated with the VM.

3. In the IP Configuration section, click Associate and select the public IP you created earlier.

4. Save the changes.

Using Azure CLI:

xxxxxxxxxx
5
1
az network nic ip-config update \
2
  --resource-group MyResourceGroup \
3
  --nic-name MyVMNic \
4
  --name ipconfig1 \
5
  --public-ip-address MyPublicIP

This command will associate the public IP (MyPublicIP) with the Network Interface Card (NIC) attached to the virtual machine.

Step 6: Verify and Test the Configuration

1. Check Subnets: Ensure that your subnets are properly created and are part of the VNet with the correct address ranges.

2. Verify IP Assignments:

   • Ensure that the Private IP is correctly assigned to the resources within your VNet (e.g., VMs, app services).

   • Check the Public IP association to the correct resource (e.g., VM or Load Balancer).

3. Test Connectivity:

   • Private IP: Test connectivity between resources in different subnets within the VNet to ensure that internal traffic flows correctly.

   • Public IP: Access the resource using the public IP to verify that external traffic can reach the resource.

Summary of Steps

• Create a Virtual Network (VNet) with appropriate address space.

• Configure Subnets within the VNet to segregate different layers of your application (e.g., Web, App, DB).

• Create Public IP addresses for resources that need to be exposed to the internet (e.g., VMs, Load Balancers).

• Create Private IP addresses for internal communication within the VNet.

• Associate Public IP addresses to resources (e.g., VMs or Load Balancers) for internet-facing access.

These steps will enable you to set up a basic network infrastructure in Azure, allowing secure communication within your VNet and exposing resources to the public internet as needed.