Can't access Azure VM - azure

I was trying to change the network numbers address of my Virtual machine on Azure to be in same network rang as another Virtual machine on Azure pool, once I click save on network card, it freezes & became not accessible with Remote Desktop or any other way.
Please Help.

NEVER try to manually change the NIC. The NIC is still owned by the Windows Azure fabric and when you manually make changes, the fabric interprets it as an attempt to bypass its network security measure. You should be able to get access to the VM back by removing and re-adding the VM (when you remove it, be sure not to remove its disks then you can re-provision it from those same disks).
If you're trying to adjust network address spaces (subnets?), you may want to look at using an Azure virtual network to help group VMs together. While this still won't guarantee a fixed internal IP address, it will give you a degree of predictability.

Related

Can't connect Network Interface to VM in Azure

I created a VM in HyperV and modified it to be a DLP machine.
I saved the machine's disk and uploaded it to Azure on a new VM and when I tried to connect a Network Interface to the VM it didn't work, I could do that and it seemed as if it worked but when went to Networking it said:
This network interface does not contain network security groups
Which basically means it didn't set anything, also when tried to add a new NIC (Network Interface) for the third time the following error was given:
Failed to attach network interface 'Dlp-machine-NetworkINT' to virtual machine 'Dlp-machine'. Error: The number of network interfaces for virtual machine Dlp-machine exceeds the maximum allowed for the virtual machine size Standard_D2s_v3. The number of network interfaces is 3 and the maximum allowed is 2.
So it seems like the former NICs were saved but were not really applied or used.
I came to realize that what's the problem is that since the VM is using a local disk it's configured to use the local NIC.
Anyone has encountered something like this when uploading a local disk to Azure and knows what to do?
What the second error says is that your VM is limited to only 2 NICs by its SKU. You should use Standard_D8s_v3 (or some other SKU) to allow to use 4 NICs
https://learn.microsoft.com/en-us/azure/virtual-machines/windows/sizes-general#dsv3-series-1

Accessing Azure Virtual machine behind proxy / firewwall

I have created a Windows 2016 data center on Microsoft Azure cloud. I also downloaded its RDP file. However, when I am trying to access it from my Organization I get below error. (of course, organization uses proxy/firewall). When I access it from my home internet, I can access the VM successfully.
Currently the networking of the VM has below setting:
Please help to access the azure VM via proxy.
Edit:
Got few great answers. However, being a trainer, I need to keep creating and deleting the VMs on day to day basis, hence requesting network admin to add a particular VM IP to exception list won't help. Is there any other way possible?
Go with Jason's suggestion. Your network admin needs to configure the corresponding rules for the firewall or proxy. What you need to tell the network admin depends on your setup:
If you are dealing with one VM only, then you could either configure the public IP that is assigned to the VM as static and ask the network admin to allow rdp to that IP address, or, alternatively,
if you would like to save costs for the public IP and your organisation's proxy/firewall is capable of working with DNS names, then you could assign a DNS name to the public IP and let the network admin know the DNS name. The DNS name would be something similar to this: myazurevmname.azurelocation.cloudapp.azure.com
If you are planning to access several VM's in Azure, you can either repeat above steps for each of the VM's, however, may want to think about establishing a point-to-site VPN from your local computer which would remove the need for assigning public IP addresses to each of the VM's. The network setup in Azure will be more complex upfront, but it may be worth the effort. However, this will be a separate discussion.
You could set up teamviewer as a service(!) on your VM and then connect to it with teamviewer from your company pc. it'll be a bit laggy but you'll get used to it
Use this tutorial to set up teamviewer
It seems your organization network block it, you should contact your network admin to add it to firewall/proxy.

How to configure the endpoints for the "new" windows azure virtual machine?

I've just created a "new" virtual machine in Windows Azure. I say "new" because there is a "Virtual Machine (classic)" option.
The "new" virtual machine is not accesible by the "old" https://manage.windowsazure.com, it's only accesible by the "new" https://portal.azure.com
My problem is that I've expent a couple of days configuring the "new" Virtual Machine and now I want to open the port 80... but I don't find the "endpoint" configuration!!
I've been looking for it many hours :S
Any clues?
Azure Resource Managed VMs now use the concept of Network adapters, Virtual Networks and Security Groups to manage ingress, egress from a machine.
A virtual machine has a network adapter attached, the adapter is placed within a subnet within a virtual network. A security group can then be placed against the subnet and / or the network adapter.
The network adapter can optionally have a publically accessible address bound to it. Either dynamically or statically bound (i.e. if you take a fixed address, you will be charged for it for when the machine isn't running)
I'm not entirely sure its possible to create a security group via the portal (at least I couldn't find any option for it when I just (albeit briefly) looked.
However you can use New-AzureNetworkSecurityGroup to create a security group and then attach it to your Nic through the portal and also configure the security policy. Which you get to via -
Virtual machines -> VNMame-> Settings -> Network interfaces -> NicName -> Choose network security group
It is a little more complicated than the previous method, but once you're used to it it is a lot more flexible.
Edited to add
Depending on your config, you might need to a public IP address attaching also - use New-AzurePublicIpAddress
It's all good. The get-help wasn't up to date and optional params are actually needed. Just make sure to use all params

creating an image changes the network adapter name

I have a VM which have a network adapter called 'Ethernet'.
When I create an image from this VM, any VM that I create from that image have only one network adapter named 'Ethernet 2'.
How can I force it have the same network adapter name?
Thank you very much for your help!
This is expected behavior. Network adapter would also change if your VM is healed (i.e. the underlying hardware fails and your image is re-instantiated on a new one). This will also happen if you scale the VM (change the VM size). Changing the name of the network adapter also would happen sometimes when you shutdown the VM (from the portal, which would also de-allocate resources).
Even if the above mentioned limitations are fixed (today, or in the future). I would not rely on using specific name for the adapter in my application.
Even with the recently added feature to have multiple NICs, as described here, you cannot influence the name of the NIC which the OS uses:
The interface name must be unique for the VM, but does not represent
the names of the NICs inside the VM.
It is important to know that the settings for the NIC you dictate from your Virtual Network setup (DNS, IP Address, Subnet Mask) are guaranteed to be taken by your VM. So why the need for specific network adapter name. Also, keep in mind that you should never manually change the network settings inside an Azure VM.

Moving primary domain controller to a different Azure virtual network

I have created an Azure virtual network with a specific address space - 10.0.0.0/8. I created a subnet beneath it, 10.10.0.0/16, and added several machines to this subnet, including a PDC and a BDC, which are also acting as DNS servers.
Unfortunately, that is not exactly what I meant to do, I meant to create the address space as 10.10.0.0/16, with the intent of connecting it to some other virtual networks using S2S VPN gateways. The other virtual networks are set up using address spaces configured as: 10.x.0.0/16
To rectify the situation, based on what I could find here and on MSDN, I created a new virtual network in the same region with the correct address space (10.10.0.0/16), then deleted the VMs in the old virtual network (but left the VHDs) and recreated the VMs in the new virtual network using the old VHDs.
This seems to be working as expected. Now I am down to the domain controllers and one other machine. Will there be any issues with following the same process to move a domain controller? I realize the system GUID will be different, but was not sure if this impacts anything relative to AD and the DNS servers.
TIA for you help.
Looks like no impacts from the AD perspectives. From a DNS perspective, Azure assigned IP addresses to the machines in the order that they were restarted, so to avoid confusing DNS, I restarted the VMs in order of increasing IP address.
Needed to make sure SQL Server data volumes were attached before starting the machine, otherwise the database would show as being in a pending recovery state.
Also, apps that depend on MAC address (such as some license servers) did require new license files, as the MAC address changed.

Resources