Exercise - Configure Network Access

In this lesson, you will configure network access to the virtual machine (VM) you created earlier. Specifically, you will allow inbound HTTP access on port 80 to your web server.

Task 1: Log in and Access the CLI

To get started, you need to log in to the Azure Portal and access the Cloud Shell.

Log in to Azure Portal

Access the Cloud Shell

Now, you have access to the Azure CLI through the Cloud Shell.

Task 2: Verify or Create the Virtual Machine

You created a VM in the lesson titled "Create an Azure Virtual Machine via CLI." If that VM still exists, use it. If not, you will need to create a new VM.

Check if the VM Exists

First, run the following command to see if any VMs are running:

az vm list

If you see your VM listed, you can skip to the next task. If the VM is not listed, recreate it using the commands below.

Create the VM (if needed)

If the VM is not running, create it with the following command:

az vm create \
  --resource-group FreeResourcesRG \
  --name my-vm \
  --public-ip-sku Standard \
  --image Ubuntu2204 \
  --admin-username azureuser \
  --generate-ssh-keys

Install Nginx on the VM

Next, install Nginx using the Custom Script Extension:

az vm extension set \
  --resource-group FreeResourcesRG \
  --vm-name my-vm \
  --name customScript \
  --publisher Microsoft.Azure.Extensions \
  --version 2.1 \
  --settings '{"fileUris":["https://raw.githubusercontent.com/MicrosoftDocs/mslearn-welcome-to-azure/master/configure-nginx.sh"]}' \
  --protected-settings '{"commandToExecute": "./configure-nginx.sh"}'

Task 3: Verify the VM is Running

To ensure the VM you created previously is still running, use the following command:

az vm list

If you receive an empty response [], you need to create the VM using the commands provided above. If the VM is listed, proceed to the next steps.

Once you have a VM running with NGINX installed, you should be able view it in your FreeResourcesRG Resource Group like so:

Task 4: Access Your Web Server

Now you're going to attempt to access the NGINX webservers default web page. It is expected that this will NOT work initially and our connection will timeout instead of successfully loading the default web page. This is because while we have installed the web server, we did not correctly configured the network access to the webserver.

To demonstrate the problem, get the IP address of your VM and attempt to access the web server's home page.

Get the IP Address

IPADDRESS="$(az vm list-ip-addresses \
  --resource-group FreeResourcesRG \
  --name my-vm \
  --query "[].virtualMachine.network.publicIpAddresses[*].ipAddress" \
  --output tsv)"

Download the Home Page with Curl

curl --connect-timeout 5 http://$IPADDRESS

You see a timeout error, it means the VM isn't accessible within the timeout period.

Optional: Access the Web Server from a Browser

Print your VM's IP address:

echo http://$IPADDRESS

Copy the IP address (or left-ctrl+right-click the URL) and open it in a new browser tab. You should see a connection timeout error. Keep this tab open for later.

To fix this issue, we need need to allow our traffic to access the NGINX server. The default port for HTTP is port 80,

Task 5: List Current Network Security Group Rules

List the network security groups associated with your VM:

az network nsg list \
  --resource-group FreeResourcesRG \
  --query '[].name' \
  --output tsv

You should see:

my-vmNSG

This NSG was automatically created for your VM.

List the rules associated with the NSG:

az network nsg rule list \
  --resource-group FreeResourcesRG \
  --nsg-name my-vmNSG

This will output a large JSON block. Run the command again to make it readable:

Server Academy Members Only

Sorry, this lesson is only available to Server Academy Full Access members. Become a Full-Access Member now and you’ll get instant access to all of our courses.

Sign In Get Instant Access