Install and Configure Windows Server 2019 Azure Network Adapter

0

There are many new and exciting features found in Windows Server 2019 and many of these have to do with much more seamless and tighter cloud integration. Microsoft has done a great job of introducing new and improved functionality and tooling to assist organizations with their migrations to the public cloud as well as hybrid cloud which is certainly the most common scenario among enterprise environments today who have the need for resources existing both on-premises and in the public cloud. With the introduction of the Windows Admin Center, Microsoft has made possible a powerful utility that provides powerful integration with Windows Server 2019 and Microsoft Azure. One of the great new features in Windows Server 2019 for Azure integration is the Azure Network Adapter. In this post we will take a look at what the Azure Network Adapter is as well as how to install and configure Windows Server 2019 Azure Network Adapter.

What is the Azure Network Adapter?

The Azure Network Adapter is a new functionality built into the Windows Admin Center that allows creating a virtual network adapter in Windows Server 2019 that is essentially a direct VPN connection to your Microsoft Azure. The really great thing about this new feature is that Microsoft takes all the heavy lifting out of the solution by taking care of the complexities of the configuration between your server and Azure all within the GUI, wizard driven interface of the Windows Admin Center.

This provides an extremely easy way to make a connection between a Windows Server 2019 workload on-premises to your Microsoft Azure environment. There are many different use cases this may fit, however, if you did not have the need to setup a site-to-site VPN connection between your on-premises environment and Microsoft Azure, this is a perfect fit for the Azure Network Adapter and the VPN connection it creates on the server itself. This might certainly come in handy in an edge environment without much network or other infrastructure. Creating a connection to your Azure resources would be easily accomplished in this edge environment with the Azure Network Adapter.

Install and Configure Windows Server 2019 Azure Network Adapter

Let’s take a look at the actual install and configure process in the Windows Admin Center to install and configure Windows Server 2019 Azure Network Adapter.

The below walk through assumes you have already got a Windows Server 2019 machine in place with access to the Windows Admin Center console.

Register-your-Windows-Admin-Center-Account-with-Azure-to-begin-configuring Install and Configure Windows Server 2019 Azure Network Adapter
Register your Windows Admin Center Account with Azure to begin configuring

The process to connect your Windows Admin Center Azure Network Adapter is fairly straightforward. The process first generates a code for you to paste into the portal. Hit the Copy Code button to copy the code. In step 2, click teh Device Login link to paste the code.

Code-is-generated-to-make-the-connection-from-Windows-Admin-Center-to-Azure Install and Configure Windows Server 2019 Azure Network Adapter
Code is generated to make the connection from Windows Admin Center to Azure

If you are not logged in already, you will be asked to login to your Azure PowerShell application on your device. After you have done this, you are returned back to Windows Admin Center.

After-signing-into-Azure-the-connection-process-will-complete Install and Configure Windows Server 2019 Azure Network Adapter
After signing into Azure the connection process will complete

Windows Admin Center will have the Register the gateway with Azure displaying. Select your Azure tenant you want to use for the connection.

Register-the-gateway-with-Microsoft-Azure Install and Configure Windows Server 2019 Azure Network Adapter
Register the gateway with Microsoft Azure

Once you have done this, you will see your Azure instance registered in the Windows Admin Center. Thankfully, they make it easy for you as well to view from the Azure side of things with a hyperlink right to the Azure portal screen to view your registration from Windows Admin Center.

Windows-Admin-Center-nows-shows-registered-under-the-Azure-connection Install and Configure Windows Server 2019 Azure Network Adapter
Windows Admin Center nows shows registered under the Azure connection

Now, the first phase is done – registering Windows Admin Center with Azure. Next, we can Add Azure Network Adapter under the Network dashboard under your Windows Server 2019 host you are viewing in WAC.

Adding-the-Azure-Network-Adapter-in-Windows-Admin-Center Install and Configure Windows Server 2019 Azure Network Adapter
Adding the Azure Network Adapter in Windows Admin Center

Again, you will need to sign in if you haven’t already.

Login-to-the-Azure-Portal-using-your-credentials Install and Configure Windows Server 2019 Azure Network Adapter
Login to the Azure Portal using your credentials

In Windows Admin Center, the Add Azure Network AdapterMicrosoft Azure Virtual Network Settings dialog box will display. You have several configuration settings that need to be configured on this screen. This includes:

  • Subscription
  • Location – Make sure you know the data center location for your Azure resource as the Virtual Network will not appear until the correct location is selected.
  • Virtual Network
  • Gateway Subnet
Configuring-Microsoft-Azure-Virtual-Network-Adapter-settings Install and Configure Windows Server 2019 Azure Network Adapter
Configuring Microsoft Azure Virtual Network Adapter settings

The request to create the Azure Virtual Network Gateway is submitted to Azure from Windows Admin Center.

Request-is-submitted-from-Windows-Admin-Center-to-create-the-Microsoft-Azure-Virtual-Network-Gateway Install and Configure Windows Server 2019 Azure Network Adapter
Request is submitted from Windows Admin Center to create the Microsoft Azure Virtual Network Gateway

In the Notification dialog, you will see the Azure Virtual Network Gateway name as well as the estimated time for creating the Virtual Network gateway.

The-notification-of-the-Virtual-Network-Gateway-creation-shows-under-the-notifications-in-Azure Install and Configure Windows Server 2019 Azure Network Adapter
The notification of the Virtual Network Gateway creation shows under the notifications in Azure

You can monitor the process of the provisioning in Azure under your Azure portal.

Windows-Admin-Center-virtual-network-creation-shows-to-be-updating Install and Configure Windows Server 2019 Azure Network Adapter
Windows Admin Center virtual network creation shows to be updating

I noticed after I had created the adapter, the status was Disconnected which it should have attempted to connect automatically.

Point-to-Site-Azure-Network-Adapter-now-visible-in-Windows-Admin-Center Install and Configure Windows Server 2019 Azure Network Adapter
Point to Site Azure Network Adapter now visible in Windows Admin Center

After checking the firewall logs, I found the following block events. In the Palo, I had to add the following application IDs:

  • ike
  • ipsec-esp-udp
Make-sure-to-make-firewall-allowances-for-the-Azure-Network-Adapter-outbound-traffic Install and Configure Windows Server 2019 Azure Network Adapter
Make sure to make firewall allowances for the Azure Network Adapter outbound traffic

Now, let’s try to reconnect.

Manually-connecting-the-Azure-Network-Adapter-VPN-connection Install and Configure Windows Server 2019 Azure Network Adapter
Manually connecting the Azure Network Adapter VPN connection

VPN is successfully connected!

Azure-Network-Adapter-VPN-connected-successfully-from-the-Windows-Admin-Center-notifications Install and Configure Windows Server 2019 Azure Network Adapter
Azure Network Adapter VPN connected successfully from the Windows Admin Center notifications

Azure Network Adapter is now showing as connected in the Windows Admin Center!

Connected-status-in-Windows-Admin-Center-for-the-Azure-Network-Adapter-Point-to-Site-VPN Install and Configure Windows Server 2019 Azure Network Adapter
Connected status in Windows Admin Center for the Azure Network Adapter Point to Site VPN

Wrapping Up

The Azure Network Adapter is a great way to have point to site connectivity to your Azure environment. If you need across the board access from on-premises, you will probably want to use a site-to-site VPN connection, however, for one off or special use cases such as in edge environments, the Azure Network Adapter is an easy way to have access to your Azure resources/networks.