I tried to create a VM with a reserved IP adress like this:
New-AzureQuickVM -ImageName a699494373c04fc0bc8f2bb1389d6106__Windows-Server-2012-R2-201409.01-en.us-127GB.vhd -ServiceName VmPIPBis3 -Windows -AdminUsername amethyste -Location "West Europe" -Password SuperMotDePasse12 -ReservedIPName 104.45.13.146
But all I get is this error message:
New-AzureQuickVM : BadRequest: The Reserved IP 104.45.13.146 does not exist.
The only thing created is the service cloud
Does anybody know what happened?
thanks
You need to first reserve the IP in your Azure Subscription and then pass the ReservedIPName (not the address) to the ReservedIPName parameter in your call to New-AzureQuickVM. Below is a script that creates a new reserved IP if one doesn't exist for the name given and then creates a new VM using the reserved IP.
$location = "West US"
$appVMName = "AppVM01"
$appVMServiceName = [Guid]::NewGuid().ToString();
$imageName = "a699494373c04fc0bc8f2bb1389d6106__Windows-Server-2012-R2-201409.01-en.us-127GB.vhd"
$adminUser = "AdminUser"
$adminPswd = "AdminPassw0rd"
$reservedIPName = $appVMName + "-resrvdIP"
# Get the reserved IP if it exists or create a new one.
$reservedIP = Get-AzureReservedIP -ReservedIPName $reservedIPName -ErrorAction SilentlyContinue
if ($reservedIP -eq $null)
{
Write-Host "Reserving IP in '$location' as '$reservedIPName'."
New-AzureReservedIP -ReservedIPName $reservedIPName -Location $location
$reservedIP = Get-AzureReservedIP -ReservedIPName $reservedIPName -ErrorAction Stop
}
# Create a new VM using the reserved IP
New-AzureQuickVM -Name $appVMName -ServiceName $appVMServiceName -Windows -ImageName $imageName `
-AdminUsername $adminUser -Password $adminPswd -Location $location -ReservedIPName $reservedIP.ReservedIPName
Write-Host "VM Created using the following reserved IP Address:... " + $reservedIP.Address
Related
I just started playing around with Azure Powershell and I'm trying to create a new Azure VM.
Script:
$username = 'demoadmin'
$password = ConvertTo-SecureString 'Password123!##' -AsPlainText -Force
$WindowsCred = New-Object System.Management.Automation.PSCredential ($username, $password)
New-AzVM -ResourceGroup 'psdemo-rg-uksouth' -Name 'psdemo-win-az' -Image 'win2016datacenter' -Size 'Standard_D2ads_v5' -Credential $WindowsCred -OpenPorts 3389
Result: Azure VM is successfully created, but there is no Public IP address assigned.
Looking at the documentation here I can see the description for parameter "PublicIpAddressName": "The name of a new (or existing) public IP address for the created VM to use. If not specified, a name will be generated.".
How can I make it assign a Public IP Address on creation?
When I run the PowerShell commands you provided, yes - it is not provisioned the Public IP address, but it will be assigned the Private IP Address by Azure dynamically.
If you do not pass the PublicIpAddressName parameter, then it will not be created automatically:
Following these MSFT Doc1 & Doc 2, we have to pass the Public IP Address parameter to get assigned to the associated Virtual Machine by Azure.
PowerShell Script I used to get the Public IP Address while VM Creation in Azure:
#Create the Virtual Network
$vnet = #{
Name = 'myVNet'
ResourceGroupName = 'HariTestRg'
Location = 'EastUS'
AddressPrefix = '10.0.0.0/16'
}
$virtualNetwork = New-AzVirtualNetwork #vnet
#Create the Subnet
$subnet = #{
Name = 'default'
VirtualNetwork = $virtualNetwork
AddressPrefix = '10.0.0.0/24'
}
$subnetConfig = Add-AzVirtualNetworkSubnetConfig #subnet
$virtualNetwork | Set-AzVirtualNetwork
#Create the Virtual Machine by passing the Public IP Address parameter
$username = '<your-user-name>'
$password = ConvertTo-SecureString '<your-password>' -AsPlainText -Force
$WindowsCred = New-Object System.Management.Automation.PSCredential ($username, $password)
New-AzVm `
-ResourceGroupName "HariTestRg" `
-Name "psdemo-win-az02" `
-Location "EastUS" `
-VirtualNetworkName "myVnet" `
-SubnetName "default" `
-SecurityGroupName "myNetworkSecurityGroup" `
-PublicIpAddressName "myPublicIpAddress2" `
-ImageName "MicrosoftWindowsServer:WindowsServer:2016-Datacenter-with-Containers:latest" `
-Credential $WindowsCred
Result:
I have below PowerShell script to create vnet and subnet in Azure
$virtualNetworkName = 'corp-northeurope-vnet'
$frontendSubnetName = 'frontendsubnet'
$vNetAddressPrefix = "10.0.0.0/26"
$SubnetAddressPrefix = "10.0.1.0/28"
$virtualNetwork = Get-AzVirtualNetwork -Name $virtualNetworkName -ResourceGroupName $rgName
if ($null -eq $virtualNetwork) {
$virtualNetwork = New-AzVirtualNetwork `
-Name $virtualNetworkName `
-ResourceGroupName $rgName `
-AddressPrefix $vNetAddressPrefix `
-Location $location
}
else {
Write-Log -Message "[$($virtualNetwork.Name)] already exists"
}
$fesubnet = Get-AzVirtualNetworkSubnetConfig -Name $frontendSubnetName -VirtualNetwork $virtualNetwork
if ($null -eq $fesubnet) {
$fesubnet = Add-AzVirtualNetworkSubnetConfig `
-Name $frontendSubnetName `
-AddressPrefix $subnetAddressPrefix `
-VirtualNetwork $virtualNetwork
$virtualNetwork | Set-AzVirtualNetwork
}
else {
Write-Log -Message "[$($fesubnet.Name)] already exists"
}
But It does not work.
Error throws here
$virtualNetwork | Set-AzVirtualNetwork
Subnet 'frontendsubnet' is not valid in virtual network 'corp-northeurope-vnet'. StatusCode: 400 ReasonPhrase: Bad Request ErrorCode: NetcfgInvalidSubnet ErrorMessage: Subnet 'frontendsubnet' is
| not valid in virtual network 'corp-northeurope-vnet'. OperationID : 06c1ed77-14f1-294d-a19a-41c2epbdd04f
Is it anything to do with IP Range ?
The IP Range of the subnet is not within the IP Range of the VNET this causes the Subnet configuration to be invalid.
So either you change the Subnet address prefix to be within the VNETs Address Prefix or you expand the VNETs address prefix so that it includes the range of the Subnet you are trying to create.
A good tool to use to plan your IP Address Prefixes is: http://jodies.de/ipcalc?host=10.0.0.0&mask1=26&mask2=
The error caused by your subnet address prefix. When your VNet address prefix is 10.0.0.0/26. Then your subnet addresses range should be less than 10.0.0.0/26. You can change the subnet prefix as 10.0.0.0/28. Then it will be no problem.
One problem is the second command line.
If you are saying you already have created a Vnet, a subnet, a Vnet IP CIDR prefix, and a Subnet IP CIDR prefix, the command for Subnet is Not $frontendSubnetName, "Frontend" is the name of the subnet included on Vnet "corp-northeurope-vnet".
$frontendSubnetName = 'frontendsubnet'
the command frontendSubnetName is the wrong, the correct should be:
$subnetConfig = 'frontendsubnet'
Try using these commands:
$virtualNetworkName = 'corp-northeurope-vnet'
$subnetConfig = 'frontendsubnet'
$vNetAddressPrefix = "10.0.0.0/26"
$SubnetAddressPrefix = "10.0.1.0/28"
Here the official documentation: https://learn.microsoft.com/en-us/azure/virtual-network/quick-create-powershell
I've got a powershell script that I use to build a VM.
# Variables for common values
$resourceGroup = "AAA-Production3"
$location = "West US 2"
$vmName = "AAA-Prod-SVR1"
$SubnetName = "AAA-PROD-SUBNET01"
$NamevNET = "AAA-PROD-VNET"
$Namepublicdns = "AAA-PROD-ADF01-IP01"
$NameNetworkSecurityGroupRuleRDP = 'Default-allow-rdp'
$NameNetworkSecurityGroup = 'AAA-SVR1-NSG'
$NameVNic = "AAA-PROD-VNIC01"
$VMSize = 'Standard_D1_v2'
# Create user object
$cred = Get-Credential -Message "Enter a username and password for the virtual machine."
New-AzureRmResourceGroup -Name $resourceGroup -Location $location
$subnetConfig = New-AzureRmVirtualNetworkSubnetConfig -Name $SubnetName -AddressPrefix 10.50.1.0/24
$vnet = New-AzureRmVirtualNetwork -ResourceGroupName $resourceGroup -Location $location `
-Name $NamevNET -AddressPrefix 10.50.1.0/24 -Subnet $subnetConfig
# Create a public IP address and specify a DNS name
$pip = New-AzureRmPublicIpAddress -ResourceGroupName $resourceGroup -Location $location `
-Name "$Namepublicdns$(Get-Random)" -AllocationMethod Static -IdleTimeoutInMinutes 4
# Create an inbound network security group rule for port 3389
$nsgRuleRDP = New-AzureRmNetworkSecurityRuleConfig -Name $NameNetworkSecurityGroupRuleRDP -Protocol Tcp `
-Direction Inbound -Priority 1000 -SourceAddressPrefix * -SourcePortRange * -DestinationAddressPrefix * `
-DestinationPortRange 3389 -Access Allow
# Create a network security group
$nsg = New-AzureRmNetworkSecurityGroup -ResourceGroupName $resourceGroup -Location $location `
-Name $NameNetworkSecurityGroup -SecurityRules $nsgRuleRDP
# Create a virtual network card and associate with public IP address and NSG
$nic = New-AzureRmNetworkInterface -Name $NameVNic -ResourceGroupName $resourceGroup -Location $location `
-SubnetId $vnet.Subnets[0].Id -PublicIpAddressId $pip.Id -NetworkSecurityGroupId $nsg.Id
# Create a virtual machine configuration
$vmConfig = New-AzureRmVMConfig -VMName $vmName -VMSize $VMSize | `
Set-AzureRmVMOperatingSystem -Windows -ComputerName $vmName -Credential $cred | `
Set-AzureRmVMSourceImage -PublisherName MicrosoftWindowsServer -Offer WindowsServer -Skus 2016-Datacenter -Version latest | `
Add-AzureRmVMNetworkInterface -Id $nic.Id
# Create a virtual machine
New-AzureRmVM -ResourceGroupName $resourceGroup -Location $location -VM $vmConfig
Everything runs fine, but when it gets to the end, the New-AzureRmVM script never returns or exits. If I disconnect my machine from the net, I'll get a message about a long running process, but other than that, the shell appears to be locked up.
Any ideas how to get the command to exit so I can reuse the shell?
I'm creating VM on Azure from an Image using powershell.
This is the script I'm using .
$UserName = "username"
$Password = ConvertTo-SecureString "password#123" -AsPlainText -Force
$psCred = New-Object System.Management.Automation.PSCredential($UserName, $Password)
New-AzureRmVm `
-ResourceGroupName "RSG" `
-Name "VMName" `
-ImageName "ImageName" `
-Location "West US" `
-VirtualNetworkName "VNName" `
-SubnetName "default" `
-Credential $psCred
-PublicIpAddressName "None" `
-OpenPorts 3389
But, when I got into the Azure portal and see, some Public Ip is getting assigned by default. I have also tried without giving PublicIpAddressName property assuming , it wont assign any IP, but still it is assigning.
I want the Public IP to be none.Can anyone help me achieve this.Thanks!
Currently this an issue which is still in Open state on official azure-powershell github. You can refer it here . Incase if you still want to bypass this you can try using New-AzureReservedIP or after the deployment command try to remove the public ip by yourself Remove-AzureRmPublicIpAddress.
Note : I have'nt tested it yet. Just an idea.
Refer : Docs
To set no public ip address you have can just define it as "" , in powershell you will need to quote that again so it will be """" .
If you are using PowerShell, then you will need to escape all empty parameters by changing "" to '""' to properly pass an empty string into the command. Without this, PowerShell will not pass the empty string, and you will get an error from the command indicating it's missing a parameter.
$winVmCred = Get-Credential `
-Message "Enter username and password for the Windows management virtual machine."
# Create a NIC for the VM.
$winVmNic = New-AzNetworkInterface -Name "winVMNIC01" `
-ResourceGroupName $resourceGroup.ResourceGroupName `
-Location $location `
-SubnetId $targetVMSubnet.Id `
-PrivateIpAddress "10.10.12.10"
# Configure the Windows management VM.
$winVmConfig = New-AzVMConfig -VMName $winVmName -VMSize $winVmSize | `
Set-AzVMOperatingSystem -Windows -ComputerName $winVmName -Credential $winVmCred | `
Set-AzVMSourceImage -PublisherName $winVmPublisher `
-Offer $winVmOffer `
-Skus $winVmSku `
-Version $winVmVersion | `
Add-AzVMNetworkInterface -Id $winVmNic.Id
# Create the VM.
$winVM = New-AzVM -ResourceGroupName $resourceGroup.ResourceGroupName `
-Location $location `
-VM $winVmConfig `
-ErrorAction Stop
I am not able connect to VPN using powershell cmdlet. I use 'rasdial' from a build agent to connect to vpn, so that we can trigger automated tests. The whole process is automated.
Earlier same rasdial command - Rasdial "VPNName" was working perfectly fine with classic model (ASM) of vpn. But, after I migrated to ARM, I am facing this issue. However through UI i.e. clicking on buttons to connect to vpn is working fine but our need is to connect through script.
I am getting a message-
This function is not supported on this system.
NB: I am following this post- https://dzone.com/articles/deconstructing-azure-point
The same workaround worked in ASM but not woking in ARM. What can be another workaround or fix for this ?
I am using below script to create and download the VPN package. I am not sure I am missing something in my script which is causing this issue-
$VNetName = "MYVPN"
$SubName = "Subnet-1"
$GWSubName = "GatewaySubnet"
$VNetPrefix1 = "15.3.0.0/16"
$SubPrefix = "15.3.1.0/24"
$GWSubPrefix = "15.3.200.0/26"
$VPNClientAddressPool = "158.17.201.0/24"
$RG = "VMsRG"
$Location = "West Europe"
$DNS = "15.3.0.0"
$GWName = "GateWay"
$GWIPName = "GateWayIP"
$GWIPconfName = "GateWayIPConfig"
$P2SRootCertName = "XXXXX.cer"
$DeployUserName = "atf#hotmail.com"
$DeployUserPassword = "XXXXX"
$Azurepwd = ConvertTo-SecureString $DeployUserPassword -AsPlainText -Force
$AzureCredential = new-object -typename System.Management.Automation.PSCredential -argumentlist $DeployUserName, $Azurepwd
Add-AzureRmAccount -credential $AzureCredential -SubscriptionName Development
New-AzureRmResourceGroup -Name $RG -Location $Location
$fesub = New-AzureRmVirtualNetworkSubnetConfig -Name $SubName -AddressPrefix $SubPrefix
$gwsub = New-AzureRmVirtualNetworkSubnetConfig -Name $GWSubName -AddressPrefix $GWSubPrefix
New-AzureRmVirtualNetwork -Name $VNetName -ResourceGroupName $RG -Location $Location -AddressPrefix $VNetPrefix1 -Subnet $fesub, $gwsub -DnsServer $DNS
$vnet = Get-AzureRmVirtualNetwork -Name $VNetName -ResourceGroupName $RG
$subnet = Get-AzureRmVirtualNetworkSubnetConfig -Name "GatewaySubnet" -VirtualNetwork $vnet
$pip = New-AzureRmPublicIpAddress -Name $GWIPName -ResourceGroupName $RG -Location $Location -AllocationMethod dynamic
$ipconf = New-AzureRmVirtualNetworkGatewayIpConfig -Name $GWIPconfName -Subnet $subnet -PublicIpAddress $pip
$MyP2SRootCertPubKeyBase64 = "XXXXX"
$p2srootcert = New-AzureRmVpnClientRootCertificate -Name "P2SVNETRootCertName" -PublicCertData $MyP2SRootCertPubKeyBase64
New-AzureRmVirtualNetworkGateway -Name $GWName -ResourceGroupName $RG -Location $Location -IpConfigurations $ipconf -GatewayType Vpn -VpnType RouteBased -EnableBgp $false -GatewaySku Standard -VpnClientAddressPool $VPNClientAddressPool -VpnClientRootCertificates $p2srootcert
Get-AzureRmVpnClientPackage -ResourceGroupName $RG -VirtualNetworkGatewayName $GWName -ProcessorArchitecture Amd64
As I am able to connect using GUI. I hope script is doing it's job.
After 4 Months I got a reply from MS (as I raised a ticket for the same).
They told Rasdial is not supported by Azure VPN Client Package till date. Also, Even after deconstructing-the-azure-point-to-site-vpn lacks addition of route which should be taken care by adding the route explicitly.
So as an workaround I did the steps provided in the blog - http://www.diaryofaninja.com/blog/2013/11/27/deconstructing-the-azure-point-to-site-vpn-for-command-line-usage
However the last part of adding the route is a bit complex. So, for adding route I have created my own PS script-
$Subnet = #("10.0.1.0", "10.0.2.0","10.0.3.0")
$VPNClientAddressPool = "x.x.x"
$Mask = "255.255.0.0"
$azureIpAddress = ""
$VPNCmd = "MYVPNName"
Here x.x.x are the 3 octet that can be found in "GateWay - Point-to-site configuration" of the VPN-
$routeExists = route print | findstr $VPNClientAddressPool
if($routeExists)
{
route delete $Subnet
}
rasdial $VPNCmd > $null
$azureIPAddress = ipconfig | findstr $VPNClientAddressPool
if($azureIPAddress -ne $null)
{
$azureIpAddress = $azureIpAddress.Split(": ")
$azureIpAddress = $azureIpAddress[$azureIpAddress.Length-1]
$azureIpAddress = $azureIpAddress.Trim()
route add $Subnet MASK $Mask $azureIPAddress
}
This solved the purpose for me. Basically You just need to take care of the route add part.
Your PowerShell script seems fine (I didn't try the login and resource group pieces, but everything else works from $fesub on.) except for the third line from the bottom. The -Name tag which you currently have as "P2SVNETRootCertName" needs to be the same as your $P2SRootCertName. For more information, refer to Azure documentation: https://azure.microsoft.com/en-us/documentation/articles/vpn-gateway-howto-point-to-site-rm-ps/
As for Rasdial, another StackOverflow post has answered this: Azure Virtual Network Point-to-Site (ex. Azure Connect) autoconnect
-Bridget [MSFT]