Create a virtual network using the Azure portal
A virtual network enables Azure resources, such as virtual machines (VMs), to communicate privately with each other, and with the internet. In this article, you learn how to create a virtual network. After creating a virtual network, you deploy two VMs into the virtual network. You then connect to one VM from the internet, and communicate privately between the two VMs.
If you don't have an Azure subscription, create a free account before you begin.
Log in to Azure
Log in to the Azure portal at https://portal.azure.com.
Create a virtual network
- Select + Create a resource in the upper-left corner of the Azure portal.
- Select Networking, and then select Virtual network.
Enter, or select, the following information, accept the defaults for the remaining settings, and then select Create:
| Setting | Value |
| --- | --- |
| Name | myVirtualNetwork |
| Subscription | Select your subscription. |
| Resource group | Select Create new and enter myResourceGroup. |
| Location | Select East US. |
Create virtual machines
Create two VMs in the virtual network:
Create the first VM
- Select + Create a resource in the upper-left corner of the Azure portal.
- Select Compute, and then select Windows Server 2016 Datacenter.
Enter, or select, the following information, accept the defaults for the remaining settings, and then select OK:
| Setting | Value |
| --- | --- |
| Name | myVm1 |
| User name | Enter a user name of your choosing. |
| Password | Enter a password of your choosing. The password must be at least 12 characters long and meet the defined complexity requirements. |
| Subscription | Select your subscription. |
| Resource group | Select Use existing and select myResourceGroup. |
| Location | Select East US. |
Select a size for the VM and then select Select.
Under Settings, accept all the defaults and then select OK.
Under Create in the Summary, select Create to start VM deployment. The VM takes a few minutes to deploy.
Create the second VM
Complete steps 1-6 again, but in step 3, name the VM myVm2.
Connect to a VM from the internet
After myVm1 is created, connect to it. At the top of the Azure portal, enter myVm1. When myVm1 appears in the search results, select it. Select the Connect button.
After selecting the Connect button, a Remote Desktop Protocol (.rdp) file is created and downloaded to your computer.
- Open the downloaded .rdp file. If prompted, select Connect. Enter the user name and password you specified when creating the VM. You may need to select More choices, then Use a different account, to specify the credentials you entered when you created the VM.
- Select OK.
- You may receive a certificate warning during the sign-in process. If you receive the warning, select Yes or Continue, to proceed with the connection.
Communicate privately between VMs
- From PowerShell, enter ping myvm2. Ping fails because ping uses the Internet Control Message Protocol (ICMP), and ICMP is not allowed through the Windows firewall by default.
To allow myVm2 to ping myVm1 in a later step, enter the following command from PowerShell, which allows ICMP inbound through the Windows firewall:
New-NetFirewallRule -DisplayName "Allow ICMPv4-In" -Protocol ICMPv4
Close the remote desktop connection to myVm1.
Complete the steps in Connect to a VM from the internet again, but connect to myVm2. From a command prompt, enter ping myvm1.
You receive replies from myVm1, because you allowed ICMP through the Windows firewall on the myVm1 VM in a previous step.
Close the remote desktop connection to myVm2.
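The rule created in the steps above relies on the New-NetFirewallRule defaults (inbound, allow, all profiles, any remote address, every ICMPv4 type). The following is an added example, not part of the original article, that admits only echo requests from the local subnet, reports what the firewall actually stored, and removes the rule afterward. The rule name and function names are assumptions, and LocalSubnet assumes both VMs are in the same subnet, as they are when the defaults in this article are accepted.

```powershell
# Added example; the rule name and function names are assumptions, not from the article.
$RuleName = 'Allow ICMPv4 Echo-In (local subnet)'

function Add-ScopedIcmpRule {
    # Create the rule only once, so re-running the script does not stack duplicates.
    if (-not (Get-NetFirewallRule -DisplayName $RuleName -ErrorAction SilentlyContinue)) {
        New-NetFirewallRule -DisplayName $RuleName `
            -Direction Inbound -Action Allow `
            -Protocol ICMPv4 -IcmpType 8 `
            -RemoteAddress LocalSubnet | Out-Null
    }
}

function Get-IcmpRuleSummary {
    # Read back the rule and its filters instead of trusting the command that created it.
    $rule = Get-NetFirewallRule -DisplayName $RuleName
    $port = $rule | Get-NetFirewallPortFilter
    $addr = $rule | Get-NetFirewallAddressFilter
    [pscustomobject]@{
        Enabled       = $rule.Enabled
        Direction     = $rule.Direction
        Action        = $rule.Action
        Profile       = $rule.Profile
        Protocol      = $port.Protocol
        IcmpType      = $port.IcmpType
        RemoteAddress = $addr.RemoteAddress
    }
}

function Remove-ScopedIcmpRule {
    # Delete the rule when the connectivity test is finished.
    Remove-NetFirewallRule -DisplayName $RuleName -ErrorAction SilentlyContinue
}

# On myVm1, in an elevated PowerShell session:
Add-ScopedIcmpRule
Get-IcmpRuleSummary | Format-List

# On myVm2, after the rule exists on myVm1:
#   Test-Connection -ComputerName myvm1 -Count 2 -Quiet

# On myVm1, once testing is finished:
#   Remove-ScopedIcmpRule
```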
Clean up resources
When no longer needed, delete the resource group and all of the resources it contains:
- Enter myResourceGroup in the Search box at the top of the portal. When you see myResourceGroup in the search results, select it.
- Select Delete resource group.
- Enter myResourceGroup for TYPE THE RESOURCE GROUP NAME: and select Delete.
In this article, you created a default virtual network and two VMs. You connected to one VM from the Internet and communicated privately between the VM and another VM. To learn more about virtual network settings, see Manage a virtual network.
By default, Azure allows unrestricted private communication between virtual machines, but only allows inbound remote desktop connections to Windows VMs from the Internet. To learn how to allow or restrict different types of network communication to and from VMs, advance to the next tutorial.