Creating and uploading your Azure RemoteApp template image

Creating and uploading the image for RemoteApp turned out to be a challenge for some odd reasons. For the script Upload-AzureRemoteAppTemplateImage.ps1 to work you need to make sure you fulfill the prereqs it needs. Which can be found if you read the script ūüėČ

If Upload-AzureRemoteAppTemplateImage.ps1 fails for “odd” reasons you need to make sure that you’re running PowerShell as Admin and that you’re starting “Windows Azure PowerShell” or have the Azure module loaded.

Here’s my short list of what you need to do:

  • Create a new Hyper-V VM with a 40 GB FIXED dynamic (now supported) size disk.
  • Install Windows Server 2012 R2 (only OS supported)
  • Install RDSH role and Desktop Experience feature (both needed)
  • Reboot (needed to make sure application installations are aware of RDS)
  • Login
  • Install the applications you want to publish to your users
  • From an elevated CMD, run “fsutil behavior set disableencryption 1” (disables EFS encryption of file system)
  • Reboot (makes sure EFS disable is written to registry)
  • Login
  • Run “sysprep /oobe /generalize /shutdown”

Once your machine is turned off you need to start PowerShell as administrator with the Azure cmdlets.

Run the script provided by the portal, find your VHD-file and you should be on your way!

Uploading the file

upload4

 

 

The portal states the template status as “uploading”

upload3

Connecting an Azure RemoteApp virtual network to a virtual network

So you finally got your trial approved for RemoteApp and thought you’d connect your RemoteApp virtual network to the rest of your infrastructure in Azure? Well, I stepped in that pile too. But solved it in the usual way, with PowerShell and the new multi-vnet Configuration ability.

You need at least one existing virtual network, and you need to configure a virtual network in the RemoteApp part of the portal.

Click RemoteApp -> Virtual Networks -> Create

Enter a name for your network and select region.

01

Enter the address space you want for your RemoteApp server(s) and the address space for your local networks. With local networks I mean either your on-premises network or the other networks you have defined in Azure. In my case I’ll be connecting my RemoteApp network to my other networks in Azure.

02

Enter the DNS-servers you want your RemoteApp server to receive from DHCP. This is so your applications can resolve your local hostnames, for SQL connectivity or any other type of traffic. You also need to specify the address of the VPN device. I’ve entered the address to my gateway in Azure. If you’re connecting multiple virtual networks you MUST select “Dynamic” for VPN gateway type. Static routing only works between two networks in Azure.

03

Network created, now waiting for VPN Configuration.

04

Now we’ll click on “Manage key” and copy the address for the gateway. You might as well copy the key to a notepad file while you’re at it.

05

Add your RemoteApp network as a local network in the “Networks” part of the portal. Specify the gateway address you just copied.

08

When it’s saved, export the network configuration from the portal. Open the XML-file and edit the corresponding Virtual network, adding a connecction to your newly created “local” network. Mine is named RemoteAppVnet as you can see below.

09

Import your configuration to Azure. Networks -> New -> Network Services -> Import configuration

import

Once your information is imported you’ll see your new network as “Not connected” in the overview in the virtual network.

Open PowerShell (with the Azure cmdlets) and run the following two commands. Substituting the vnetname and local network name and key for your values of course.

07

Once those are run your networks should be connected and all green!

06

How to configure multiple virtual network connections in Azure

When using infrastructure as a service in Microsoft Azure you could earlier only have one virtual network, which would be like it’s own little isolated island. A while back Microsoft enabled for its customers to connect multiple virtual networks together, both in the same datacenter, same region, cross region and cross subscription. This enables a whole lot of new scenarios, for example building your own global datacenter on top of Azure infrastructure.

So how do you go about doing it? Well, you need to start with planning. I know it’s boring but if you don’t you could end up having to tear everything down just to rebuild it, doesn’t sound too much fun either.

What you need before starting:

An ip-plan
A VPN device with a public IPv4 address (not necessary, but will let you enable a hybrid cloud scenario)
PowerShell cmdlets for Azure installed and configured

My ip-plan looks like this:

Local network name Subnet
HomeNet 10.0.0.0/24
AzureNet-Local 10.0.1.0/24
USNet-Local 10.0.2.0/24
JNNet-Local 10.0.3.0/24

Of the networks above HomeNet is my physical network location. The other three networks exists only in Azure. What you must make sure when you plan is that no range overlap anywhere, no matter if it’s in Azure or at any physical locations.

 

Once you’ve planned that I have a separate table for my topology so I know which networks to connect. When starting off you won’t know your gateway ip, so don’t worry.

Virtual Network Subnet Gateway Local network
AzureNet 10.0.1.0/24 137.117.227.xxx HomeNet 10.0.0.0/24
USNet 10.0.2.0/24 168.61.160.xxx JNNet 10.0.3.0/24
JNNet 10.0.3.0/24 23.97.77.xxx USNet 10.0.2.0/24

 

Getting started

Starting off I already have one network called AzureNet (10.0.1.0/24) which is connected to my physical network Homenet (10.0.0.0/24). You can follow this guide even if you don’t have that, just repeat the process.

vlcsnap-2014-06-13-09h38m57s199

 

 

Let’s create a new virtual network first

In the portal, click New -> Network Services -> Virtual Network -> Custom Create

Name your network and select a location. South Central is in Brazil so I’ve named my network BRnet.

 

newnet01

 

 

Select (or enter) your DNS servers ip and name for local name resolution.

newnet02

 

 

Enter your address space. Make sure there’s no overlapping subnets anywhere. Very important!

newnet03

 

 

Repeat this process for all the virtual networks you need.

When all your virtual networks are created it’ll look like this. Note the different locations in my setup, placing my networks in Japan, USA and Amsterdam.

vlcsnap-2014-06-13-09h38m43s56

 

 

Local networks

When the virtual networks are done we’ll create local networks of the virtual networks. This is because to be able to connect the networks they need to be defined as “local” in Azure.

 

vlcsnap-2014-06-13-09h40m17s223

 

 

Name your network, and specify 1.2.3.4 as VPN device address.

vlcsnap-2014-06-13-09h40m28s87

 

 

Specify the address space that you’ve planned beforehand.

vlcsnap-2014-06-13-09h40m51s54

 

 

Repeat this for each virtual network, re-defining it as local.

When you’re done it’ll look like this

vlcsnap-2014-06-13-09h41m17s60

 

 

Switch back to your virtual networks in the portal and go into the configure tab. Check the “connect to the local network”-box and select the corresponding “local network” that you planned before. Click save at the bottom. Repeat this process for each virtual network connecting it to the designated “local” network.

vlcsnap-2014-06-13-09h42m01s246

 

 

Next step is to create the dynamic gateway. You get the message “The gateway was not created” in the portal. At the bottom click “Create gateway” and select “Dynamic”. Do this for all your virtual networks. It’ll take 10-25 minutes to finish for each gateway. Coffee time!

vlcsnap-2014-06-13-09h42m39s112

 

 

When they’re all done, note the gateway ip address in your table for all your networks/gateways.

vlcsnap-2014-06-13-09h39m08s45

 

 

Edit your local networks and add the gateway ip address for each network.Click on the network, click Edit and enter your gateway ip.

vlcsnap-2014-06-13-09h44m40s40

 

 

When all virtual networks and their corresponding local networks are created it’s XML-time. Get some more coffee!

Click the Export-button and save the file.

Open it in Notepad / Notepad++ (if you haven’t tried it you must)

In the XML you’ll find the section <LocalNetworkSites> which contains all the networks defined as local.

<LocalNetworkSites>
<LocalNetworkSite name="AzureNet-Local">
<AddressSpace>
<AddressPrefix>10.0.1.0/24</AddressPrefix>
</AddressSpace>
<VPNGatewayAddress>137.117.227.238</VPNGatewayAddress>
</LocalNetworkSite>
<LocalNetworkSite name="HomeNet">
<AddressSpace>
<AddressPrefix>10.0.0.0/24</AddressPrefix>
</AddressSpace>
<VPNGatewayAddress>178.78.193.167</VPNGatewayAddress>
</LocalNetworkSite>
<LocalNetworkSite name="JNNet-Local">
<AddressSpace>
<AddressPrefix>10.0.3.0/24</AddressPrefix>
</AddressSpace>
<VPNGatewayAddress>23.97.65.15</VPNGatewayAddress>
</LocalNetworkSite>
<LocalNetworkSite name="USNet-Local">
<AddressSpace>
<AddressPrefix>10.0.2.0/24</AddressPrefix>
</AddressSpace>
<VPNGatewayAddress>168.61.160.90</VPNGatewayAddress>
</LocalNetworkSite>
</LocalNetworkSites>

If you look further down in the XML you’ll find the section <VirtualNetworkSites>. This contains subsections for each virtual network site <VirtualNetworkSite>, and in that section in turn you’ll see where to define the connections to each network.

 

<ConnectionsToLocalNetwork>
<LocalNetworkSiteRef name="HomeNet">
<Connection type="IPsec" />
</LocalNetworkSiteRef>
<LocalNetworkSiteRef name="JNNet-Local">
<Connection type="IPsec" />
</LocalNetworkSiteRef>
<LocalNetworkSiteRef name="USNet-Local">
<Connection type="IPsec" />
</LocalNetworkSiteRef>
</ConnectionsToLocalNetwork>

So for each virtual network you’ll need to copy and paste each local network as above.

If you look at my complete XML I’ve marked those sections in red.

<NetworkConfiguration xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://schemas.microsoft.com/ServiceHosting/2011/07/NetworkConfiguration">
<VirtualNetworkConfiguration>
<Dns>
<DnsServers>
<DnsServer name="cmdc01" IPAddress="192.168.1.4" />
<DnsServer name="cmdemodc01" IPAddress="192.168.1.10" />
<DnsServer name="DC01" IPAddress="10.0.0.10" />
<DnsServer name="DC02" IPAddress="10.0.1.4" />
</DnsServers>
</Dns>
<LocalNetworkSites>
<LocalNetworkSite name="AzureNet-Local">
<AddressSpace>
<AddressPrefix>10.0.1.0/24</AddressPrefix>
</AddressSpace>
<VPNGatewayAddress>137.117.227.238</VPNGatewayAddress>
</LocalNetworkSite>
<LocalNetworkSite name="HomeNet">
<AddressSpace>
<AddressPrefix>10.0.0.0/24</AddressPrefix>
</AddressSpace>
<VPNGatewayAddress>178.78.193.167</VPNGatewayAddress>
</LocalNetworkSite>
<LocalNetworkSite name="JNNet-Local">
<AddressSpace>
<AddressPrefix>10.0.3.0/24</AddressPrefix>
</AddressSpace>
<VPNGatewayAddress>23.97.65.15</VPNGatewayAddress>
</LocalNetworkSite>
<LocalNetworkSite name="USNet-Local">
<AddressSpace>
<AddressPrefix>10.0.2.0/24</AddressPrefix>
</AddressSpace>
<VPNGatewayAddress>168.61.160.90</VPNGatewayAddress>
</LocalNetworkSite>
</LocalNetworkSites>
<VirtualNetworkSites>
<VirtualNetworkSite name="AzureNet" AffinityGroup="AzureNet">
<AddressSpace>
<AddressPrefix>10.0.1.0/24</AddressPrefix>
</AddressSpace>
<Subnets>
<Subnet name="Subnet-1">
<AddressPrefix>10.0.1.0/27</AddressPrefix>
</Subnet>
<Subnet name="Contoso-Subnet">
<AddressPrefix>10.0.1.200/27</AddressPrefix>
</Subnet>
<Subnet name="GatewaySubnet">
<AddressPrefix>10.0.1.32/29</AddressPrefix>
</Subnet>
</Subnets>
<DnsServersRef>
<DnsServerRef name="DC01" />
<DnsServerRef name="DC02" />
</DnsServersRef>
<Gateway>
<ConnectionsToLocalNetwork>
<LocalNetworkSiteRef name="HomeNet">
<Connection type="IPsec" />
</LocalNetworkSiteRef>
<LocalNetworkSiteRef name="JNNet-Local">
<Connection type="IPsec" />
</LocalNetworkSiteRef>
<LocalNetworkSiteRef name="USNet-Local">
<Connection type="IPsec" />
</LocalNetworkSiteRef>
</ConnectionsToLocalNetwork>
</Gateway>
</VirtualNetworkSite>
<VirtualNetworkSite name="CMDemo" AffinityGroup="CMDemo-AFG">
<AddressSpace>
<AddressPrefix>192.168.1.0/24</AddressPrefix>
</AddressSpace>
<Subnets>
<Subnet name="Infra">
<AddressPrefix>192.168.1.0/26</AddressPrefix>
</Subnet>
<Subnet name="Mgmt">
<AddressPrefix>192.168.1.64/26</AddressPrefix>
</Subnet>
<Subnet name="Clients">
<AddressPrefix>192.168.1.128/27</AddressPrefix>
</Subnet>
</Subnets>
<DnsServersRef>
<DnsServerRef name="cmdc01" />
</DnsServersRef>
</VirtualNetworkSite>
<VirtualNetworkSite name="JnNet" AffinityGroup="JnNet-AFG">
<AddressSpace>
<AddressPrefix>10.0.3.0/24</AddressPrefix>
</AddressSpace>
<Subnets>
<Subnet name="Subnet-1">
<AddressPrefix>10.0.3.0/28</AddressPrefix>
</Subnet>
<Subnet name="Subnet-2">
<AddressPrefix>10.0.3.24/29</AddressPrefix>
</Subnet>
<Subnet name="Subnet-3">
<AddressPrefix>10.0.3.32/27</AddressPrefix>
</Subnet>
<Subnet name="GatewaySubnet">
<AddressPrefix>10.0.3.16/29</AddressPrefix>
</Subnet>
</Subnets>
<DnsServersRef>
<DnsServerRef name="DC01" />
</DnsServersRef>
<Gateway>
<ConnectionsToLocalNetwork>
<LocalNetworkSiteRef name="USNet-Local">
<Connection type="IPsec" />
</LocalNetworkSiteRef>
<LocalNetworkSiteRef name="AzureNet-Local">
<Connection type="IPsec" />
</LocalNetworkSiteRef>
</ConnectionsToLocalNetwork>
</Gateway>
</VirtualNetworkSite>
<VirtualNetworkSite name="UsNet" AffinityGroup="CentralUS-AG">
<AddressSpace>
<AddressPrefix>10.0.2.0/24</AddressPrefix>
</AddressSpace>
<Subnets>
<Subnet name="Subnet-1">
<AddressPrefix>10.0.2.0/28</AddressPrefix>
</Subnet>
<Subnet name="Subnet-2">
<AddressPrefix>10.0.2.24/29</AddressPrefix>
</Subnet>
<Subnet name="GatewaySubnet">
<AddressPrefix>10.0.2.16/29</AddressPrefix>
</Subnet>
</Subnets>
<DnsServersRef>
<DnsServerRef name="DC02" />
</DnsServersRef>
<Gateway>
<ConnectionsToLocalNetwork>
<LocalNetworkSiteRef name="JNNet-Local">
<Connection type="IPsec" />
</LocalNetworkSiteRef>
<LocalNetworkSiteRef name="AzureNet-Local">
<Connection type="IPsec" />
</LocalNetworkSiteRef>
</ConnectionsToLocalNetwork>
</Gateway>
</VirtualNetworkSite>
</VirtualNetworkSites>
</VirtualNetworkConfiguration>
</NetworkConfiguration>

Note that for each network there is a corresponding section of <ConnectionsToLocalNetwork>.

When you’re done save the file and then it’s time to import it!

import

 

 

Wait for your networks to configure. Then it’s PowerShell-time!

Fire up PowerShell with the Azure cmdlets.

Run the cmdlet “Set-AzureVNetGatewayKey -VNetName AzureNet -LocalNetworkSiteName JNNet-Local -SharedKey a1b2c3d4” for each virtual network setting the key for each local network.

So I’d run:

Set-AzureVNetGatewayKey -VNetName AzureNet -LocalNetworkSiteName JNNet-Local -SharedKey a1b2c3d4
Set-AzureVNetGatewayKey -VNetName AzureNet -LocalNetworkSiteName USNet-Local -SharedKey a1b2c3d4
Set-AzureVNetGatewayKey -VNetName AzureNet -LocalNetworkSiteName HomeNet -SharedKey a1b2c3d4
Set-AzureVNetGatewayKey -VNetName JNNet -LocalNetworkSiteName USNet-Local -SharedKey a1b2c3d4
Set-AzureVNetGatewayKey -VNetName JNNet -LocalNetworkSiteName AzureNet-Local -SharedKey a1b2c3d4

And so on, switching the virtual network and the local network according to your topology.

When you’re done with that it’s time to connect your networks:

Set-AzureVNetGateway -VNetName AzureNet -LocalNetworkSiteName JNNet -Connect

And as before, substitute the vnetnames and local network names.

Once done it’ll (hopefully) look like this:

vlcsnap-2014-06-13-09h46m22s38

 

 

How did you do? Let me know in the comments!