How to Update an Azure Virtual Network

What is an Azure Virtual Network:
An Azure Virtual Network (VNet) is a secure, isolated, and scalable networking foundation in Microsoft Azure that enables seamless communication between Azure resources like virtual machines, on-premises networks, and the internet, offering customizable IP address spaces, subnets, network security groups, virtual network peering, service endpoints, Azure Private Link, and integration with services such as Azure Bastion and VPN Gateway, all configurable via the Azure portal at https://portal.azure.com for efficient management and security across regions and subscriptions.

In this article, we will be focusing on:
Prerequisites
Before you begin, make sure you have:

An active Azure account. You can sign up for a free trial if you don’t have one.

Step-by-Step Guide to Create a Virtual Network

Login to Microsoft Azure at https://portal.azure.com
Go to https://portal.azure.com and sign in with your Azure credentials.

Create a resource group

• From the Azure portal home page, in the search box, enter resource groups.
• Select Resource groups under services

• Select Create.

• Enter guided-project-rg in the Resource group name field.

• The Region field will automatically populate. Leave the default value.

• Select Review + create.

• Select Create.

• Return to the home page of the Azure portal by selecting Home.

Create a virtual network with one subnet

• From the Azure portal home page, in the search box, enter virtual networks.

• Select Create.

• Scroll down to the Instance details section and enter guided-project-vnet for the Virtual network name

• Select Review + create.

• Select Create.

Create a virtual machine

• Select Home to return to the Azure portal home page.

• From the Azure portal home page, in the search box, enter virtual machines.

• Select Create and then select Virtual machine

• Choose the first option

• Select guided-project-rg for the Resource group.

• Enter guided-project-vm for the Virtual machine name.

• For the Image, select one of the Ubuntu Server options. (For example, Ubuntu Server 24.04 LTS - x64 Gen2)

• Continue further on the Basics page to the Administrator account section.

• Select Password for authentication type.

• Enter guided-project-admin for the admin Username.

• Enter a password for the admin account.

• Confirm the password for the admin account.

• Leave the rest of the settings as default settings. You can review the settings if you like, but shouldn’t change any.

• Select Review + create.

• Select Create to confirm the resource cost and create the virtual machine.

Create a Storage account

• Select Home to return to the Azure portal home page.

• From the Azure portal home page, in the search box, enter storage accounts.

• Select Storage accounts under services.

• Select Create.

• Scroll down to the Instance details section and enter a name for the storage account. Storage accounts must be globally unique, so you may have to try a few different times to get a storage account name.

• Select Review + create.

• Select Create.

• Go to resource

• Select Home to return to the Azure portal home page.

• Congratulations! You’ve completed the Prepare exercise. Update the virtual network

What is subnet

In the Azure Portal, a subnet is a smaller part of a virtual network's IP address range, set up using a simple numbering system, that groups and protects resources like computers in one Azure region and account, assigns private IP addresses (keeping five for itself), works with security rules and traffic guides to control data flow, can be reserved for specific Azure services, needs unique address ranges to avoid conflicts, includes special subnets like AzureFirewallSubnet or AzureBastionSubnet with minimum size needs, allows communication within the network and to the internet, follows global network standards, and is managed through the Azure Portal or code for better organization, safety, and growth.

Create a new subnet on an existing virtual network (vNet)

• Login to Microsoft Azure at https://portal.azure.com

• From the Azure portal home page, in the search box, enter virtual networks.

• Select virtual networks under services.

• Select the guided-project-vnet virtual network.

• From the guided-project-vnet blade, under settings, select Subnets.

• To add a subnet, select + Subnet.

• For Subnet purpose leave it as Default.

• For Name enter: ftpSubnet.

• Leave the rest of the settings alone and select Add.

• Select Home to return to the Azure portal home page.

• Congratulations – you’ve completed the creation of a subnet. This subnet is only going to be used for SFTP traffic. To increase security, you need to configure a Network security group to restrict which ports are allowed on the subnet.

Create a network security group

• From the Azure portal home page, in the search box, enter virtual networks

• Select Network security groups.

• Select + Create

• Verify the subscription is correct

• Select the guided-project-rg resource group.

• Enter ftpNSG for the network security group name.

• Select Review + create.

• Once the validation is complete, select Create.

Create an inbound security rule

• Under settings, select Inbound security rules.

• Select + Add.

• Change the Destination port ranges from 8080 to 22.

• Select TCP for the protocol.

• Set the name to ftpInbound.

• Select Add.

• Congratulations – you’ve created a new Network security group and configured rules to allow inbound FTP traffic. Now, you’ll need to associate the new network security group with the ftpSubnet.

Associate a network security group to a subnet

• From the Azure portal home page, in the search box, enter virtual networks.

• Select virtual networks under services.

• Select the guided-project-vnet virtual network.

• Under settings, select Subnets.

• Select the ftpSubnet you created.

• On the Edit subnet page, under the Security section heading, update the Network security group field to ftpNSG.

• Select Save.

• Nicely done. It looks like you’ve completed the work needed to prepare the network for shifting the current Linux VM to a new subnet that’s designed to handle incoming FTP traffic.

Congratulations! You’ve completed this exercise.

Comments

[Alioke Emmanuel Nzubechukwu]

Nice

[Parag Nandy Roy]

Perfect for anyone diving into Azure networking...