Cloud Computing

Setup a Virtual Network in Windows Azure

How do I set up a virtual network in Windows Azure that doesn’t use computer resources when idle?

To be fair, Windows Azure isn’t designed to be used by IT professionals for the purposes of setting up lab environments, but there are advantages to using Azure over other cloud services designed specifically for the purposes of creating test environments. In this Ask the Admin, I’ll show you how to set up a virtual network in Windows Azure so that VMs receive the same IP address every time they are started after deallocation.

No Support for Static IP Addresses

The biggest immediate drawback with Azure is that there is no support for static IP addresses. That is, setting a static IP address in the network configuration on Windows Server is not supported, and DHCP must be used for IPv4 address configuration. This is a problem for Active Directory domain controllers, which must be configured with the same IP address every time they are started.

To resolve this issue, Azure introduces the concept of persistent IP addresses, in which VMs are guaranteed to receive the same IP address each time they start, provided that the VM is stopped and not shut down (deallocated). While in a production environment this minor restriction is not likely to be a problem, for IT professionals wishing to set up a lab environment, VMs that are allocated fabric resources generate compute costs.

Virtual Network for a Lab Environment

In the following instructions, we’ll create a virtual network that allows us to create two domain controllers (DCs) that will be assigned the same IP address each time they are started, even after being deallocated from the Azure fabric.

Sponsored Content

What is “Inside Microsoft Teams”?

“Inside Microsoft Teams” is a webcast series, now in Season 4 for IT pros hosted by Microsoft Product Manager, Stephen Rose. Stephen & his guests comprised of customers, partners, and real-world experts share best practices of planning, deploying, adopting, managing, and securing Teams. You can watch any episode at your convenience, find resources, blogs, reviews of accessories certified for Teams, bonus clips, and information regarding upcoming live broadcasts.

The VMs don’t need to be created with persistent IP addresses. The trick is to create a unique subnet for each VM requiring a constant IP address. IP addresses are always assigned in order, starting from the lowest available address in the pool.

For simplicity, let’s use the default address space that Azure assigns to virtual networks. I’ll start by configuring a DNS server address ( for the space and then divide it into three subnets: for the first DC and DNS server, for the second optional DC, and for all other servers in my lab.

  • Log in to the Azure management portal.
  • Click Networks in the blue pane on the left of the portal.
  • In the main window under Networks, click DNS Servers.
  • Click +New in the bar at the bottom of the screen.
  • Click Register DNS Server in the pop-up dialog.
  • Give the DNS server a name, in my case I’m going to call it CONTOSODNS1, set as the IP address and then click Register DNS Server in the bottom right of the pop-up dialog.

Register a DNS server in Windows Azure

  • Back in the main portal window under Networks, click Virtual Networks.
  • Click +New in the bar at the bottom of the screen.
  • Click Custom Create in the pop-up dialog.
  • In the Create a Virtual Network window, give the new network a name, and either create or select an existing affinity group. Click the arrow in the bottom right of the window to continue.
  • On the DNS Servers and VPN Connectivity screen, select the DNS server we just created and click the forward arrow in the bottom right to continue.
  • On the Virtual Network Address Spaces screen, click Subnet-1 and rename it DC1-subnet.
  • Click Add subnet and call the new subnet DC2-subnet. Make sure the starting IP address is set to and CIDR set to /11.
  • Click Add subnet again, this time calling the new subnet Servers-subnet, making sure the starting IP address is set to and CIDR set to /11.
  • To complete the process, click the tick in the bottom right of the window.

A virtual network in Windows Azure

When you add a new virtual machine in Azure, select the CONTOSONET virtual network and select the appropriate subnet: DC1-subnet for your first DC and DNS server (, DC2-subnet if you choose to add a second DC (, and Servers-subnet for all other servers. Don’t forget that the subnets created for the two DCs should only ever contain one VM. Once the DCs are assigned to the appropriate subnets, you can shut them down (deallocate) using PowerShell or the Azure management console and be sure they will receive the same address when restarted.

Be sure to check out my two-part series for more information on setting up Active Directory on Azure for use in a production environment, and how to create VMs with persistent IP addresses.

Related Topics:


Don't have a login but want to join the conversation? Sign up for a Petri Account

Comments (0)

Leave a Reply

IT consultant, Contributing Editor @PetriFeed, and trainer @Pluralsight. All about Microsoft, Office 365, Azure, and Windows Server.
External Sharing and Guest User Access in Microsoft 365 and Teams

This eBook will dive into policy considerations you need to make when creating and managing guest user access to your Teams network, as well as the different layers of guest access and the common challenges that accompany a more complicated Microsoft 365 infrastructure.

You will learn:

  • Who should be allowed to be invited as a guest?
  • What type of guests should be able to access files in SharePoint and OneDrive?
  • How should guests be offboarded?
  • How should you determine who has access to sensitive information in your environment?

Sponsored by:

Office 365 Coexistence for Mergers & Acquisitions: Don’t Panic! Make it SimpleLive Webinar on Tuesday, November 16, 2021 @ 1 pm ET

In this session, Microsoft MVPs Steve Goodman and Mike Weaver, and tenant migration expert Rich Dean, will cover the four most common steps toward Office 365 coexistence and explain the simplest route to project success.

  • Directory Sync/GAL Sync – How to prepare for access and awareness
  • Calendar Sharing – How to retrieve a user’s shared calendar, or a room’s free time
  • Email Routing – How to guarantee email is routed to the active mailbox before and after migration
  • Domain Sharing – How to accommodate both original and new SMTP domains at every stage

Aimed at IT Admins, Infrastructure Engineers and Project Managers, this session outlines both technical and project management considerations – giving you a great head start when faced with a tenant migration.the different layers of guest access and the common challenges that accompany a more complicated Microsoft 365 infrastructure.

Sponsored by: