Connect to Azure Stack
Applies to: Azure Stack Development Kit
To manage resources, you must first connect to the Azure Stack Development Kit. In this article, we describe the steps that you take to connect to the development kit. You can use one of the following connection options:
- Remote Desktop Connection. When you connect by using Remote Desktop Connection, a single user can quickly connect from the development kit.
- Virtual private network (VPN). When you connect by using a VPN, multiple users can concurrently connect from clients outside the Azure Stack infrastructure (requires setup).
Connect to Azure Stack by using Remote Desktop Connection
A single concurrent user can manage resources in the operator portal or the user portal through Remote Desktop Connection.
Open Remote Desktop Connection and connect to the development kit. For the user name, enter AzureStack\AzureStackAdmin. Use the operator password that you specified when you set up Azure Stack.
On the development kit computer, open Server Manager. Select Local Server, clear the Internet Explorer Enhanced Security check box, and then close Server Manager.
To open the user portal, go to https://portal.local.azurestack.external/. Sign in by using user credentials. To open the Azure Stack operator portal, go to https://adminportal.local.azurestack.external/. Sign in by using the Azure Active Directory (Azure AD) credentials that you specified during installation.
Connect to Azure Stack by using VPN
You can establish a split tunnel VPN connection to an Azure Stack Development Kit. You can use a VPN connection to access the Azure Stack operator portal, the user portal, and locally installed tools like Visual Studio and PowerShell to manage Azure Stack resources. VPN connectivity is supported both in Azure AD and in Active Directory Federation Services (AD FS) deployments. VPN connections make it possible for multiple clients to connect to Azure Stack at the same time.
A VPN connection does not provide connectivity to Azure Stack infrastructure VMs.
- Install Azure Stack-compatible Azure PowerShell on your local computer.
- Download the tools required to work with Azure Stack.
Set up VPN connectivity
To create a VPN connection to the development kit, open Windows PowerShell as an administrator on your local Windows-based computer. Then, run the following script (update the IP address and password values for your environment):
# Configure Windows Remote Management (WinRM), if it's not already configured. winrm quickconfig Set-ExecutionPolicy RemoteSigned # Import the Connect module. Import-Module .\Connect\AzureStack.Connect.psm1 # Add the development kit computer’s host IP address and certificate authority (CA) to the list of trusted hosts. Make sure you update the IP address and password values for your environment. $hostIP = "<Azure Stack host IP address>" $Password = ConvertTo-SecureString ` "<operator's password provided when deploying Azure Stack>" ` -AsPlainText ` -Force Set-Item wsman:\localhost\Client\TrustedHosts ` -Value $hostIP ` -Concatenate # Create a VPN connection entry for the local user. Add-AzsVpnConnection ` -ServerAddress $hostIP ` -Password $Password
If setup succeeds, azurestack appears in your list of VPN connections.
Connect to Azure Stack
Connect to the Azure Stack instance by using one of the following methods:
Connect-AzsVpn ` -Password $Password
When prompted, trust the Azure Stack host and install the certificate from AzureStackCertificateAuthority in your local computer’s certificate store. (The prompt might be hidden by the PowerShell window.)
On your local computer, select Network Settings > VPN > azurestack > connect. At the sign-in prompt, enter the user name (AzureStack\AzureStackAdmin) and your password.
Test VPN connectivity
To test the portal connection, open a web browser, and then go to either the user portal (https://portal.local.azurestack.external/) or the operator portal (https://adminportal.local.azurestack.external/). Sign in and create resources.