Install connector in Microsoft Azure

Install an EAA connector in Microsoft Azure environment.

Installation Requirements

Compatible virtual environment:

  • Microsoft Azure

Computing capability:

  • CPU. Four virtual cores
  • Memory. 8 GB RAM
  • Storage. 16 GB hard drive disk space (4 GB allocated to swap space and 12 GB of free space).

Network:

  • A private IP address inside the Local Area Network (LAN), either DHCP or static. The connector should run close to internal applications, possibly in the same subnet as the application, and be able to communicate with the application in test.
  • Dial-out access to the Internet on TCP port 443. A connector must reach the Enterprise Application Access service over the internet. This communication is carried out over an open TCP port 443, and only needs outbound connectivity.
  • Access to the applications. The port and protocol must be accessible in the LAN.
  • A firewall that allows the connector's private IP address to reach the application on configured port numbers. For example, a firewall rule to allow the connector to reach the application server internal IP address or hostname (if DNS is configured) on port numbers 80, 443, or any application specific port.

ūüďė

Note

If you access browser based applications, configure connector with 4 vCPUs, 8 GB RAM and 40 GB storage space at a minimum.

Download the connector

  1. Log in to Enterprise Center.

  2. In the Enterprise Center navigation menu, select Application Access > Clients & Connectors > Access and Identity Connectors.

  3. Click Add New Connector (+). Provide a name and an optional description.

  4. For Package select Microsoft Azure.

  5. (Optional) If you need remote debugging, enable Debugging.

  6. Click Save. The connector status changes to Created. Click Download Template, to download the file.

Install the connector

Prerequisites

  • Set up Microsoft Azure account and billing.

  • Make sure an Azure administrator created a resource group necessary for template deployments. If not, to create a resource group, refer to the Microsoft Azure documentation on managing resource groups in Azure portal.

ūüďė

A minimum size of Standard_F4s_v2 is required to secure any type of application.

  1. Log in to your Microsoft Azure portal.

  2. Deploy the EAA connector template in Azure. Select New.

  3. In the search field, type template deployment and select Template deployment.

  4. In Template Deployment select Create.

  5. In Custom deployment select Build your own template in the editor.
    Edit template appears.

  6. Replace all properties and elements in the template file with the contents of the connector file. Manually delete everything in the template file. Paste the contents of the connector file. Click Save.

  7. Configure the basic settings:

    1. In Subscription select a type of subscription.
    2. For Resource select Use existing, and in the menu, select your resource group.
    3. In Location, select the location where resources are located.
  8. In Settings, configure the following:

    1. In Vnet Resource Group enter the resource group of the virtual network.
    2. In Admin Password enter the administrator password of the virtual machine.
    3. In Subnet Name enter the name of the subnet in the virtual network.
    4. In Admin Username enter the administrator's username of the virtual machine.
    5. In Existing Virtual Network Name enter the name of the virtual network.
  1. Review the Terms and Conditions and select I agree to the terms and conditions stated above.
  2. Select Purchase.
  3. To check if the virtual machine was created in Microsoft Azure log in to your Microsoft Azure portal.
    1. In the Microsoft Azure menu click Virtual Machines.
    2. Check if the virtual machine appears and is running.

Verify the connector is running

  1. Return to Enterprise Center.
  2. In the Enterprise Center navigation menu, select Application Access > Clients & Connectors > Access and Identity Connectors.
  3. On the connectors list page, select your Microsoft Azure connector and click Approve.
  4. Verify that the connector shows the private and public IP addresses assigned to it. The connector reaches out to the EAA Cloud. The status changes to Ready and Connector is running.