One of the top requests we have been getting for Azure RemoteApp is the ability to link an existing Azure Virtual Network to an Azure RemoteApp cloud collection. This will allow the applications hosted within Azure RemoteApp to use standard networking to access other resources in the same virtual network. Applications such as QuickBooks, Microsoft Access, and other apps that might need to contact licensing servers or databases hosted on standard Azure VM’s are great examples of use cases that this new capability enables.
This enables the scenario where the application hosted on Azure RemoteApp does not rely on domain authentication but wants to leverage the network virtualization capabilities offered by Azure Virtual network and/or access to backend workloads via Windows Azure VPN gateway and Windows Azure Express Route.
You have to create a new Azure RemoteApp collection to use this new capability, migration of existing RemoteApp collections to link to Azure Virtual Network without domain join is not supported at this point.
My name is Moumita Ghosh from the Azure RemoteApp team and I will walk you through the steps to use this feature. My name is Moumita Ghosh from the Azure RemoteApp team and I will walk you through the steps to use this feature.
Create an Azure Virtual Network
Go to the Network tab in the Azure Management portal to create an Azure VNET. If you have already done it, please skip to the next step.
More information on creating an Azure VNET is available here: https://azure.microsoft.com/en-us/documentation/articles/virtual-networks-overview/
Validate that the Azure VNET is ready for Azure RemoteApp
To validate the Azure VNET is ready for Azure RemoteApp, you can do the following:
1. Create an Azure Virtual Machine inside the Subnet of the Azure VNET you want to use for Azure RemoteApp. More information on creating Azure Virtual Machine and connecting to it using Remote Desktop is available here - https://msdn.microsoft.com/library/azure/jj156003.aspx .
2. Remote Desktop to the VM by clicking the Connect button.
3. If this succeeds, the Azure VNET and Subnet is ready for Azure RemoteApp.
4. Please ensure the Azure VNET Subnet that you will choose for creating the Azure RemoteApp Collection has sufficient IP addresses. Recommended CIDR subnet size is at least /27 or larger.
Azure VNET Subnets with Forced Tunneling turned on is currently not supported by default with Azure RemoteApp. However the support can be turned on by request at firstname.lastname@example.org.
If you have Network Security Groups (NSG) defined for the subnet you are using for Azure RemoteApp, please look at the NSG section in this article to make sure all the necessary ports are open for inbound and outbound traffic.
Creating Azure RemoteApp collection in the Azure VNET
Using Azure Management Portal
1. Go to the Azure RemoteApp tab on the left and click “New”. To create an Azure RemoteApp collection with VNET on the below page you select the existing VNET that you want your ARA collection to link to and the ARA subnet. For the "Join Local Domain" option, please select "No".
2. You will be able to see the collection on the Azure RemoteApp collections list page
3. Clicking on the collection should take you to the dashboard for the collection. Where you can link the template image. For more details follow this blog post .
With this feature you can use the existing Azure Networking features like Windows Azure VPN gateway and Windows Azure Express Route, where users can connect to a backend database or applications hosted on premise, and the front end is hosted on Azure and accessible through Azure RemoteApp, using their Microsoft Account (@hotmail.com etc.) without having the authenticate via Active Directory.
The PowerShell support for this feature is coming soon.
Note: Questions and comments are welcome. However, please DO NOT post a request for troubleshooting by using the comment tool at the end of this post. Instead, post a new thread in the Azure RemoteApp forum .
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.