Creation of the Network Security Group

1. Go to All Services, type and select Network security groups



2. Click on Add and assign the following values:
   • Name: nsg-vvillar
   • Subscription: <Your subscription>
   • Resource group: rg-vvillar
   • Location: East US



3. Go to the section Inbound security rules and then click on Add in the upper part of the window. Add the following values:
   • Source: Any
   • Source port ranges: *
   • Destination: Any
   • Destination port ranges: 3389
   • Protocol: Any
   • Action: Allow
   • Priority: 100
   • Name: Port_3389
   • Click on Add



4. Repetir el mismo procedimiento, pero ahora para el puerto 80, en Destination port ranges indicar el puerto 80, en Priority 110, en Name Port_80 y dar click en Add





5. As next step we will link the Network Security Group to our subnet where our virtual machines are located, go to the Virtual Networks resource and select the vvillar-vnet network and go to the Subnets section, there we visualize our subnet Snet-DMZ-Prod, click on the subnet



6. Select Network Security Group and select the Network Security Group that we just created



7. Click on Save in the upper part of the window

Creation of the Azure Load Balancer

1. Click on All Services and type load balancers, select the resource that appears on the screen.



2. In the upper part of the window click on Add and indicate the following values
   • Subscription: Select your subscription
   • Resource Group: rg-vvillar
   • Name: lb-vvillar
   • Region: East US
   • Type: External
   • SKU: Standard
   • Public IP Address: Create new
   • Public IP Address Name: pip-lb-vvillar
   • Availability Zone: Zone-redundant



3. Click on Next: Tags>
   • Name: Load Balancer
   • Value: Load Balancer 01



4. Click on Next: Review+create> We see that the message Validation passed appears and click on Create Wait for the resource to finish creating and go to this by clicking on Go to resource group and then select our Load Balancer resource



5. Go to the Backend pools section and add our two virtual machines by clicking on Add at the top with the following values
   • Name: bp-vvillar
   • Virtual Network: vvillar-vnet
   Add the two virtual machines indicating the private IP address of each one and click on Add



6. Then go to the Health Probes section, click on Add at the top and fill in the following values.
   • Name: hp-vvillar
   • Protocol: HTTP
   • Port: 80
   • Path: /
   • Interval: 5
   • Unhealthy threshold: 2
   • Click on OK



7. Go to the Load Balancing Rules section, click on Add in the upper part of the window and fill in the following values:
   • Name: lbr-vvillar
   • IP Version: IPv4
   • FrontEnd IP address: <The address given to us by default when the load balancer was created>
   • Protocol: TCP
   • Port: 80
   • Backend port: 80
   • Backend pool: bp-vvillar
   • Health probe: HP-vvillar (HTTP:80)
   • Session persistence: If you want to have persistence in the session then we indicate yes, either by IP or by IP and protocol.
   • Iddle timeout (minutes): 4
   • Floating timeout (direct server return): Disabled
   • Damos click en OK





8. To be able to access the servers through RDP without the need to have a public IP for each one, we can establish NAT rules, to do so we go to the Inbound NAT Rules section, click on Add at the top and enter the following values:
   • Name: INR-vvillar01
   • Service: RDP
   • Port: 3389
   • Associated to: Availability Set
   • Availability Set: as-vvillar
   • Target virtual machine: vm-vvillar
   • Network IP configuration: ipconfig (10.1.0.4)
   • Port Mapping: Custom
   • Floating IP: Disabled
   • Target port: 3389
   • Click on OK





9. Repeat the same procedure for the other virtual machine indicating as Port 5001 and selecting the IP of the second virtual machine

Click here to go to the fourth part