Lab: Configuring Network Security Groups

Lab: Configuring Network Security Groups................................................................................................... 2

Lab: Configuring Network Security Groups

Lab: Configuring Network Security Groups

NSG can be applied on the instance and on subnet. Network Security Group can be created
using PowerShell. In Preview Portal, you can create NSG using GUI from Resource Manager
stack.
Download Template using
http://cloudthat.blob.core.windows.net/trainingfiles/armTemplate(NSG).json
1. Navigate to New > in Search box type Template deployment

2. Select Template Deployment

3. Click Create
2

Lab: Configuring Network Security Groups

4. This is template code

5. Open downloaded JSON template

3

Lab: Configuring Network Security Groups

6. Copy code from JSON template to your custom deployment template in Portal and
save it

Lab: Configuring Network Security Groups

7. In Edit parameters give Storage account name, admin username and password. Give
DNS name and keep VM size Standard_D2

8. In Resource group, select Create new and give a unique Name and select Location near
by you. Click on Create

Lab: Configuring Network Security Groups

9. In Legal terms, Click on Purchase

10. All information has been filled, click on Create

Lab: Configuring Network Security Groups

11. Template is deployed.

12. Click Browse > Network Security Groups

Lab: Configuring Network Security Groups

13. In the Network security groups blade, click Add

14. In the Create network security group blade, create an NSG named NSG-FrontEnd in the
RG-NSG resource group, and then click Create

Lab: Configuring Network Security Groups

Create rules in an existing NSG

15. Click Browse > > Network security groups
16. In the list of NSGs, click NSG-FrontEnd > All settings

17. In Settings, click Inbounds security rules

18. In the list of Inbound security rules, click Add

Lab: Configuring Network Security Groups

19. In the Add inbound security rule blade, create a rule named web-rule with priority
of 200 allowing access via TCP to port 80 to any VM from any source, and then click OK.
Notice that most of these settings are default values already.

20. After a few seconds you will see the new rule in the NSG

21. Repeat steps 15 to 20 to create an inbound rule named rdp-rule with a priority
of 250 allowing access via TCP to port 3389 to any VM from any source

10

Lab: Configuring Network Security Groups

Associate the NSG to the FrontEnd subnet

22. Click Browse > Resource groups > RG-NSG
23. In the RG-NSG blade, click myVNET

24. In the Settings blade, click Subnets

11

Lab: Configuring Network Security Groups

25. In Subnets, click Subnet-1

26. Click Network security group, select NSG-Frontend

27. In the Subnet-1 blade, click Save

12