hands-on lab

Azure Virtual Networks, Virtual Machines & Network Security Groups

Up to 2h 30m
Get guided in a real environmentPractice with a step-by-step scenario in a real, provisioned environment.
Learn and validateUse validations to check your solutions every step of the way.
See resultsTrack your knowledge and monitor your progress.



Azure Virtual Networks (VNets) are the fundamental building block of your private network in Azure. VNets enable you to build complex virtual networks that are similar to an on-premises network, with additional benefits of Azure infrastructure such as scale, availability, and isolation. A VNet is a representation of your own network in the cloud. It is a logical isolation of the Azure cloud dedicated to your subscription. You can use VNets to provision and manage virtual private networks (VPNs) in Azure and, optionally, link the VNets with other VNets in Azure, or with your on-premises IT infrastructure to create hybrid or cross-premises solutions. Each VNet you create has its own CIDR block and can be linked to other VNets and on-premises networks as long as the CIDR blocks do not overlap. You also have control of DNS server settings for VNets, and segmentation of the VNet into subnets. 

In this Lab exercise, you will: 

  • Provision a Virtual Network with default settings  
  • Change the IP Address range of the network, while there are no devices (Virtual Machines) connected to the network
  • Add a Virtual Machine to the amended network 
  • Change the IP Address range of the network with the new connected device present, and move the connected device to a new subnet
  • Create a Second Virtual machine 
  • Create a Network Security group to allow remote desktop connectivity
  • Test Remote and internal connectivity using one of the Virtual Machines 


May 16th, 2023 - Updated instructions and screenshots to reflect latest UI

About the author

David Bedford, opens in a new tab
Principal Technical Learning Specialist - Cloud

David’s IT career started in 1990, when he took on the role of Database Administrator as a favor for his boss. He redirected his career into the Client Server side of Microsoft with NT4, and then progressed to Active Directory and each subsequent version of Microsoft Client/Server Operating Systems. In 2007 he joined QA as a Technical Trainer, and has delivered training in Server systems from 2003 to 2016 and Client systems from XP onwards. Currently, David is a Principal Technical Learning Specialist (Cloud), and delivers training in Azure Cloud Computing, specializing in Infrastructure Compute and Storage. David also delivers training in Microsoft PowerShell, and is qualified in the Alibaba Cloud Space.

Lab steps

Logging in to the Microsoft Azure Portal
Provision a Virtual Network and Subnet with default settings
Change Network Settings with no connected devices
Add a Virtual machine to the Network
Change Network settings with a connected devices
Deploy a second virtual machine into the Vnet1
Provision a Network Security Group and connect it to Subnet1