Update the virtual network

Create a new subnet on an existing virtual network (vNet)

1. Login into Microsoft Azure portal

1. From the Azure portal home page, in the search box, enter virtual networks

1. Select virtual networks under services and create, name it "guided-project-vnet "

1. Select the guided-project-vnet virtual network.

5.From the guided-project-vnet blade, under settings, select Subnets.

1. To add a subnet, select + Subnet.

1. For Subnet purpose leave it as Default.
2. For Name enter: ftpSubnet.
3. Leave the rest of the settings alone and select Add.

1. The subnet has been created successfully
   

2. Select Home to return to the Azure portal home page.

Congratulations – you’ve completed the creation of a subnet. This subnet is only going to be used for SFTP traffic. To increase security, you need to configure a Network security group to restrict which ports are allowed on the subnet.

Create a network security group

1. From the Azure portal home page, in the search box, enter virtual networks.
2. Select virtual networks under services.
3. Select Network security groups.

1. Select + Create.

1. Verify the subscription is correct.
2. Select the guided-project-rg resource group.
3. Enter ftpNSG for the network security group name.
4. Select Review + create.

1. Once the validation is complete, select Create.

1. Wait for the screen to refresh and display Your deployment is complete.
2. Select Go to resource.

Create an inbound security rule

1. Under settings, select Inbound security rules.
2. Select + Add.

1. Change the Destination port ranges from 8080 to 22.
2. Select TCP for the protocol.
3. Set the name to ftpInbound.
4. Select Add.

1. Select Home to return to the Azure portal home page.

Congratulations – you’ve created a new Network security group and configured rules to allow inbound FTP traffic. Now, you’ll need to associate the new network security group with the ftpSubnet.

Associate a network security group to a subnet

1. From the Azure portal home page, in the search box, enter virtual networks.

1. Select virtual networks under services.
2. Select the guided-project-vnet virtual network.
3. Under settings, select Subnets.
4. Select the ftpSubnet you created.
5. On the Edit subnet page, under the Security section heading, update the Network security group field to ftpNSG.
6. Select Save.

Nicely done. It looks like you’ve completed the work needed to prepare the network for shifting the current Linux VM to a new subnet that’s designed to handle incoming FTP traffic.

Congratulations! You’ve completed this exercise.

Comments

[SKILL.SCH]

Welldone!