This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#vHUB effective routes | |
#parameters | |
rg=vwan-pair #Set your resource group | |
#variables (do not change) | |
#Parameter | |
$rg=vwan-pair | |
# Dump all vHUB route tables. | |
for vhubname in `az network vhub list -g $rg --query "[].id" -o tsv | rev | cut -d'/' -f1 | rev` | |
do | |
for routetable in `az network vhub route-table list --vhub-name $vhubname -g $rg --query "[].id" -o tsv` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
## Firewall Policy and network rules over CLI | |
# Variables: | |
Commands to create a networking rule with Firewall Policy: | |
#Create firewall rules | |
fwpolicyname=NewPolicyTest #Firewall Policy Name | |
rg=FW-Policies # Set your Resource Group |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<# | |
The scenario below we have four URIs: | |
1) afduri - pointing to the frontdoor name which has WebApps backends hosted in three different Azure Regions (EastUS, WestUS and CentralUS) | |
2) easturi - East US WebApp | |
3) westuri - West US WebApp | |
4) centraluri - Central US WebApp | |
1st GOAL - When client sends a request to Azure Front Door URI it will show | |
2nd GOAL - Turn off primary WebApp and validate failover from one region to another. | |
#> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#Dumping Service Tags IP Ranges. | |
# 1) Specify target region variable. | |
$serviceTags = Get-AzNetworkServiceTag -Location uksouth | |
# 2) Get all service tags that can be queried | |
$serviceTags.Values.Name | |
# 3) Example dumping info for SQL service tag info on UK South (SQL.uksouth). You can replace with any value dumped on step 2. | |
$tag = $serviceTags.Values | Where-Object { $_.Name -eq "SQL.uksouth" } | |
# 4) Example dumps amount of Prefixes. | |
$tag.Properties.AddressPrefixes.count | |
# 5) Example dumping all Address Spaces used by specific Serive Tag |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# ExpressRoute or VPN Virtual Network Gateway (VNG) BGP info. | |
$RG="<Replace>" # Add Resource Group ExpressRoute or VPN Virtual Network Gateway | |
$VNGName = "<Replace>" # Add ExpressRoute or VPN Gateway Name | |
$Peerinfo = Get-AzVirtualNetworkGatewayBGPPeerStatus -ResourceGroupName $RG -VirtualNetworkGatewayName $VNGName | |
#Shows Peer Connections State, Routes Received, BGP Messages send and received | |
$Peerinfo | Format-Table | |
#Shows all routes learned by Virtual Network Gateway | |
Get-AzVirtualNetworkGatewayLearnedRoute -ResourceGroupName $RG -VirtualNetworkGatewayName $VNGName | Format-Table | |
#Shows all routes advertised by Virtual Network Gateway | |
foreach ($Peer in $Peerinfo.Neighbor) { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This is a script leveraged on OnPrem DNS Integration with Private Link focusing on Conditional Forwarders. | |
#On DNS Server side: | |
#Set DNS Forwarder to INETDNS (DMZ DNS) | |
Get-DnsServerForwarder | |
Set-DnsServerForwarder -IPAddress 192.168.0.45 # Set DMZ DNS as Forwarder | |
Remove-DnsServerForwarder -IPAddress 192.168.0.45 -Force | Clear-DnsServerCache -Force | |
#Zone: privatelink.blob.core.windows.net_ | |
Add-DnsServerConditionalForwarderZone -Name "privatelink.blob.core.windows.net" -MasterServers 10.0.0.4 -PassThru | |
Clear-DnsServerCache -Force |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#------------------------------------------------------------------------------------- | |
# Create Self signed root certificate | |
# -dnsname -DnsName domain.example.com,anothersubdomain.example.com | |
# -Subject "CN=Patti Fuller,OU=UserAccounts,DC=corp,DC=contoso,DC=com" | |
$cert = New-SelfSignedCertificate -Type Custom -KeySpec Signature ` | |
-Subject "CN=RootCert" ` | |
-KeyExportPolicy Exportable ` | |
-HashAlgorithm sha256 -KeyLength 4096 ` | |
-CertStoreLocation "Cert:\CurrentUser\My" ` | |
-KeyUsageProperty Sign ` |