Parameter |
Description |
Resource group
|
Create new or use existing (no default).
|
Subscription
|
The type of Azure subscription you will use to cover the cost of the resources deployed with the template.
|
Location
|
Select the Azure location to which you want to deploy the template (no default).
|
Network Security Group
|
Network Security Group Name
|
The network security group limits the source IP addresses from which the VM-Series firewalls and web servers can be accessed.
Default: nsg-mgmt
|
Network Security Group Inbound Src IP
|
The source IP addresses that can log in to the management port of the VMs deployed by the template.
The default value 0.0.0.0/0 means you can log into the firewall management port from any IP address.
|
Storage Account
|
Storage Account Name
|
Create new or enter the name of an existing Storage Account (no default). The name must be globally unique.
|
Storage Account Type
|
Choose between standard and premium storage and your data replication needs for local redundancy, geo-redundancy, and read-access geo-redundancy.
The default option is Locally Redundant Storage (LRS). The other options are Standard GRS, Premium LRS, and Standard RAGRS.
|
VNet
|
Virtual Network
|
Create new or enter the name of an existing VNet.
The default name for the VNet is vnet-FW
|
Virtual Network Address Prefix
|
192.168.0.0/16
|
Azure Application Gateway
|
App Gateway Name
|
myAppGw
|
App Gateway DNS Name
|
Enter a globally unique DNS name for the Azure Application Gateway.
|
App Gateway Subnet Name and Prefix
|
Default name is AppGWSubnet and the subnet prefix is 192.168.3.0/24.
|
Azure Load Balancer and Web Servers
|
Internal Load Balancer Name
|
myPrivateLB
|
Internal Load Balancer Subnet Name and Prefix
|
Default name is backendSubnet and the subnet prefix is 192.168.4.0/24.
|
Backend Vm Size
|
The default size is Standard tier D1 Azure VM. Use the drop-down in the template to view the other Azure VM options available for the backend web servers.
|
Firewalls
|
Firewall Model
|
Choose from BYOL or PAYG (bundle 1 or bundle 2, each bundle includes the VM-300 and a set of subscriptions).
|
Firewall Vm Name and Size
|
The default name for the firewall is VM-Series, and the default size is Standard tier D3 Azure VM.
Use the drop-down in the template to view the other Azure VM options available for the VM-Series firewalls
|
Mgmt Subnet Name and Prefix
|
The management subnet for the VM-Series firewalls and the web servers deployed in this solution.
Default name is Mgmt and the subnet prefix is 192.168.0.0/24.
|
Mgmt Public IP Address Name
|
Enter a hostname to access the management interface on each firewall. The names must be globally unique.
|
Trusted Subnet Name and Prefix
|
The subnet to which eth1/1 on the VM-Series firewall is connected; this subnet connects the VM-Series firewall to the Azure Application gateway. The firewall receives web traffic destined to the web servers on eth1/1.
Default name is Trust and the subnet prefix is 192.168.2.0/24.
|
Untrusted Subnet Name
|
The subnet to which eth1/2 on the VM-Series firewall is connected. The firewall receives return and outbound web traffic on this interface.
Default name is Untrust and the subnet prefix is 192.168.1.0/24. The name must be globally unique.
|
Username
|
Enter the username for the administrative account on the VM-Series firewalls and the web servers.
|
Authentication Type
|
You must either enter a password for authentication or use an SSH public key (no default).
|