Azure IaaS Lab – Reviewing the Situation

This post is part of a series, for the series contents see:

From a fundamental building blocks perspective, the lab is starting to take shape. I have my hub, internal, and DMZ networks set up and a VPN connection from my PC into that hub.

If I look at the original high-level design then I’ve just got the security network section to go, which is all nice and peachy!

Realistically it still has a long way to go though:

  • I’ve built up some VMs but I haven’t configured any of them.
  • So whilst I have a WAF and an intended web server sat behind it, I haven’t actually configured that web server yet so I can’t see my WAF in action.
  • Furthermore, because I haven’t set up my VNET peering or exposed any of my VMs with a public IP, at the moment I don’t even have a way of getting to that web server to configure it!

Once I’ve set up my peering I’ll be able to connect to my management station and use it to connect to those DMZ or internal VMs to configure them. Annoyingly, even when I get around to configuring my VNET peering I don’t think I’ll be able to jump straight from my local machine and traverse the VPN & network to hit a machine in the DMZ. The reason for this is that I’m using a point-to-site, rather than site-to-site, VPN so I have nowhere that I can define my VPN client range as a “local network” that would allow that traversal. Well, nowhere that I know of at the moment – admittedly I could do with having a bit of a deeper dig into it!

So what’s next?

  • Get my security network and firewall VM set up
  • Set up the VNET peering that will allow me to connect to everything for configuration
  • Configure my web server
  • Configure my firewall
  • Configure routing to push traffic via that firewall

That should keep me busy for a bit but there’s still plenty to do, even after that.
