Launch an InstanceΒΆ
Now launch an instance of TNSR:
Install
azure-cli. Instructions can be found at https://docs.microsoft.com/en-us/cli/azure/install-azure-cli?view=azure-cli-latestLogin to your Azure account running:
$ az loginConfigure the default location.
$ az configure --defaults location=centralus
Create a resource group to be used to store all TNSR related objects if it does not already exist.
$ az group create -n TNSR-Resource-GroupCreate Virtual Network and Subnets.
$ az network vnet create \ -n TNSR-VNet \ -g TNSR-Resource-Group \ --address-prefixes 10.5.0.0/16 $ az network vnet subnet create \ -g TNSR-Resource-Group \ --vnet-name TNSR-VNet \ -n TNSR-WAN-Subnet \ --address-prefixes 10.5.0.0/24 $ az network vnet subnet create \ -g TNSR-Resource-Group \ --vnet-name TNSR-VNet \ -n TNSR-LAN-Subnet \ --address-prefixes 10.5.1.0/24 $ az network vnet subnet create \ -g TNSR-Resource-Group \ --vnet-name TNSR-VNet \ -n TNSR-MGMT-Subnet \ --address-prefixes 10.5.2.0/24
Create Public IPs to be used by WAN and Management interfaces.
$ az network public-ip create \ -g TNSR-Resource-Group \ -n TNSR-WAN-IP $ az network public-ip create \ -g TNSR-Resource-Group \ -n TNSR-MGMT-IP
Create a Network Security Group (NSG).
$ az network nsg create -n TNSR-MGMT-NSG -g TNSR-Resource-Group $ az network nsg rule create \ --name MGMT_Allow_SSH \ --nsg-name TNSR-MGMT-NSG \ -g TNSR-Resource-Group \ --priority 100 \ --access Allow \ --destination-port-ranges 22 \ --direction Inbound \ --protocol Tcp
Create the Management Network Interface.
$ az network nic create \ -g TNSR-Resource-Group \ --vnet-name TNSR-VNet \ --subnet TNSR-MGMT-Subnet \ -n TNSR-MGMT-nic \ --public-ip-address TNSR-MGMT-IP \ --network-security-group TNSR-MGMT-NSG
Create the WAN Network Interface.
$ az network nic create \ -g TNSR-Resource-Group \ --vnet-name TNSR-VNet \ --subnet TNSR-WAN-Subnet \ -n TNSR-WAN-nic \ --public-ip-address TNSR-WAN-IP \ --ip-forward \ --accelerated-network
Create the LAN Network Interface.
$ az network nic create \ -g TNSR-Resource-Group \ --vnet-name TNSR-VNet \ --subnet TNSR-LAN-Subnet \ -n TNSR-LAN-nic \ --ip-forward \ --accelerated-network
Choose the VM Size to be used. To get a list of sizes that are able to run TNSR, run the following command and export a variable called TNSR_SIZE with it.
$ az vm list-sizes \ --query "[?numberOfCores >= \`4\`] | [?memoryInMb >= \`8192\`].name | sort(@)" \ --output tsv $ export TNSR_SIZE=<FILL DESIRED SIZE HERE> # EXAMPLE: $ export TNSR_SIZE="Standard_DS4_v2"
Choose the TNSR image URN to be used from the list obtained with the following command and export a variable called TNSR_URN with it.
$ az vm image list \ --publisher Netgate \ --all \ --query "[?contains(offer,'tnsr')].{Sku:sku, Version:version Urn:urn}" \ --output table $ export TNSR_URN="netgate:netgate-tnsr-azure-fw-vpn-router:netgate-tnsr:20.02.2"
Export a variable called TNSR_SSH_KEY containing a path to a valid SSH public key.
$ export TNSR_SSH_KEY="~/.ssh/id_rsa.pub"
Accept Azure Marketplace terms so that the image can be used to create VMs.
$ az vm image terms accept --urn ${TNSR_URN}
Note
Previous versions of
Azure CLIused the command$ az vm image accept-terms --urn ${TNSR_URN}Create a Storage Account.
$ az storage account create -n tnsrsa -g TNSR-Resource-GroupCreate the TNSR Virtual Machine.
$ az vm create \ --admin-username tnsr \ --image ${TNSR_URN} \ --name TNSR-Instance1 \ --nics TNSR-MGMT-nic TNSR-WAN-nic TNSR-LAN-nic \ --os-disk-size-gb 20 \ --resource-group TNSR-Resource-Group \ --size ${TNSR_SIZE} \ --ssh-key-value ${TNSR_SSH_KEY} \ --boot-diagnostics tnsrsa