Maklum balas Edit

View configurations applied by Azure Virtual Network Manager (Preview)

  • Artikel
  • 3 minit untuk dibaca

Azure Virtual Network Manager provides a few different ways for you to verify if configurations are being applied correctly. In this article, we'll look at how you can verify configurations applied both at virtual network and virtual machine level. We'll also go over operations you'll see in the activity log.

Virtual network visibility

Once your configuration has been deployed by Virtual Network Manager, you can view the applied configuration from the virtual network resource.

  1. Go to your virtual network resource and select Network Manager under Settings. On the Connectivity tab, you'll see all the connectivity configurations the virtual network is associated with.

    Screenshot of connectivity configuration associated to a virtual network.

  2. Select the SecurityAdmin tab to see all the security rules currently applied to your virtual network.

    Screenshot of security rules associated to a virtual network.

Virtual machine visibility

At the virtual machine level, you can view security rules applied by Virtual Network Manager and the effective routes for the connectivity configurations.

Applied security rules

  1. Go to a virtual machine in a virtual network that has a configuration applied by Virtual Network Manager. Then select Networking under Settings on the left menu pane.

    Screenshot of virtual machine overview page.

  2. You'll see a list of inbound network security groups and also a section for inbound security rules applied by Virtual Network Manager.

    Screenshot of virtual machine outbound security rules.

  3. Select the Outbound port rules tab to see the outbound security rules for the virtual machine.

    Screenshot of virtual machine inbound security rules.

Effective routes

  1. To see the effective routes for the applied connectivity configuration, select the network interface name under the Networking settings of the virtual machine.

    Screenshot of selecting virtual machine network interface card.

  2. Then select Effective routes under Support + troubleshooting.

    Screenshot of effective routes button from a VM network interface card.

  3. Routes with the next hop type of ConnectedGroup are either part of mesh configuration or when Direct connectivity is enabled for a network group. Routes between the hub and spoke virtual networks will appear as next hop type VNetPeering or GlobalVNetPeering.

    Screenshot of effective routes that shows connected groups and hub routes.

    Note

    The hub virtual network address space is also included in the ConnectedGroup. Therefore, if virtual network peering fails between the hub and spoke virtual networks, they can still communicate with each other because they're in a connected group.

Effective security rules

  1. To see effective security rules for an applied security rule configuration, select the network interface name under the Networking settings of the virtual machine.

    Screenshot of selecting virtual machine network interface card for security rules.

  2. Then select Effective security rules under Support + troubleshooting.

    Screenshot of effective security rules button for a VM network interface card.

  3. Select the name of the Azure Virtual Network Manager to see the security admin rules associated to the virtual machine.

    Screenshot of effective security rules associated to the virtual machine.

Activity Log

You can view the activity log for your Azure Virtual Network Manager resource to see the changes that you or your network administrator have made. To view the activity log, go to your Network Manager resource in the Azure portal. Select Activity log in the left pane menu. If necessary, adjust the Timespan and add more filters to narrow the list of operations. You can also view the Activity Log by searching for the service at the top of the Azure portal.

Screenshot of activity log page for Network Manager.

List of operations

The following list contains operations you'll see in the activity log:

Name Description
Commit Deployment of a configuration has been committed to a region(s).
Delete ConnectivityConfiguration Deleting a connectivity configuration from Network Manager.
Delete NetworkGroups Deleting a network group from Network Manager.
Delete Rules Deleting a rule from a rule collection.
Delete RuleCollections Deleting a rule collection from a security admin configuration.
Delete SecurityAdminConfigurations Deleting a security admin configuration from Network Manager.
ListDeploymentStatus Viewing the deployment status of a connectivity or security admin configuration.
ListActiveConnectivityConfiguration Viewing the list of connectivity configurations applied to the virtual network.
ListActiveSecurityAdminRules Viewing the list of security admin configurations applied to the virtual network.
Write ConnectivityConfiguration. Creating a new connectivity configuration.
Write NetworkGroups Creating a new network group.
Write NetworkManager Creating a new Azure Virtual Network Manager instance.
Write Rules Creating a new security rule to add to a rule collection.
Write RuleCollections Creating a new rule collection to add to a security admin configuration.
Write SecurityAdminConfiguration Creating a new security admin configuration.

Next steps