The Azure Quickstart templates are currently available in English
This template creates an Azure Firewall sandbox (Linux) with one firewall force tunneled through another firewall in a peered VNET
此 Azure Resource Manager (ARM) 模板由社区的某个成员(而不是由 Microsoft)创建。每个 ARM 模板都根据其所有者(不是 Microsoft)的许可协议向你授予许可。Microsoft 不对由社区成员提供并授予许可的 ARM 模板负责,并且不针对安全性、兼容性和性能进行筛选。社区 ARM 模板不由任何 Microsoft 支持计划或服务提供支持,按“原样”提供,没有任何种类的担保。
参数
| 参数名 | 说明 |
|---|---|
| virtualNetworkName | virtual network name to tunnel from |
| tunnelToVirtualNetworkName | virtual network name to tunnel to |
| adminUsername | Username for the Virtual Machine. |
| location | Location for all resources, the location must support Availability Zones if required. |
| availabilityZones | Zone numbers e.g. 1,2,3. |
| vmSize | Zone numbers e.g. 1,2,3. |
| numberOfFirewallPublicIPAddresses | Number of public IP addresses for the Azure Firewall |
| authenticationType | Type of authentication to use on the Virtual Machine. SSH key is recommended. |
| adminPasswordOrKey | SSH Key or password for the Virtual Machine. SSH key is recommended. |
使用模板
PowerShell
New-AzResourceGroup -Name <resource-group-name> -Location <resource-group-location> #use this command when you need to create a new resource group for your deployment安装和配置 Azure PowerShell
New-AzResourceGroupDeployment -ResourceGroupName <resource-group-name> -TemplateUri https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/quickstarts/microsoft.network/azurefirewall-forced-tunneling/azuredeploy.json
命令行
az group create --name <resource-group-name> --location <resource-group-location> #use this command when you need to create a new resource group for your deployment安装和配置 Azure 跨平台命令行界面
az group deployment create --resource-group <my-resource-group> --template-uri https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/quickstarts/microsoft.network/azurefirewall-forced-tunneling/azuredeploy.json