Windows Server 2022 with Azure Network Adapter
It has been quite some time since I have written about the Azure Network Adapter. This is a feature that is exposed in Windows Admin Center managed server of Windows Server 2012 R2 and higher, now including Windows Server 2022. What are its requirements? How can the Azure Network Adapter help simplify hybrid connectivity? Let’s consider Windows Server 2022 with Azure Network Adapter.
What is Azure Network Adapter?
The entire purpose of the Azure Network Adapter is to make it easy to interconnect specific Windows Servers with your Azure vNet. Traditionally, there are several options organizations have for accomplishing this. They could create a site-to-site VPN connection, Azure Express Route, or a Point-to-Site VPN connection.
However, the connections mentioned above can potentially add unneeded complexity to the network configuration for an environment. Azure Network Adapter is a new feature introduced in conjunction with Windows Admin Center that allows creating a Point-to-Site VPN connection using Windows Server 2012 R2 servers and higher. It offers several benefits, including:
- It does not require a public-facing IP address
- It makes creating connections from a remote location easy
- It does not require a VPN device
- It provides an easier way to connect specific resources with Azure vNets
Requires for Azure Network Adapter:
- An Azure account with at least one active subscription.
- An existing virtual network.
- Internet access for the target servers that you want to connect to the Azure virtual network.
- A Windows Admin Center connection to Azure. To learn more, see Configuring Azure integration.
- The latest version of Windows Admin Center. To learn more, see Windows Admin Center.
Register Windows Admin Center with Azure
I am testing this feature out on a Windows Server 2022 domain controller in the lab. If you want to configure Azure network adapter on a domain controller, you will need to do this from a Windows Admin Center Gateway box, as you can’t install Windows Admin Center on a domain controller. After you manage your domain controller with Windows Admin Center, you will need to make sure you register your Windows Admin Center instance with your Azure environment.
You can easily get to this point by just trying to add an Azure Network Adapter first and it will prompt you to register your Windows Admin Center to Azure.
Register the Windows Admin Center with Azure.
Follow the wizard to connect your Windows Admin Center instance.
Enter your copied code.
Singing into Windows Admin Center and connecting with Azure.
Click Continue.
Windows Admin Center is now signed in.
Complete the wizard to connect Admin Center.
After you click Connect you will then need to Sign in again.
The Azure App will be registered with Azure AD.
Windows Server 2022 with Azure Network Adapter
Now, let’s go back and add the Azure Network Adapter to the server.
Choose your Azure subscription, Location, Virtual Network, Gateway SKU, and Client Address Space.
The installation of the Azure Network Adapter takes care of the certificate management automatically.
The request to provision the Virtual Network Gateway is submitted successfully.
If this is a new Virtual Network Gateway, it can take up to 25 minutes to provision as noted in the informational message.
After the process has completed, you will see the Azure Network Adapter listed. Right-click and connect.
The connection successfully connects.
Thoughts and considerations
The Azure network adapter is a great tool in the administrator toolbag. It provides a way to connect a standalone server to your Azure vNet without having to stand up a site-to-site VPN connection from the edge. However, the strength of the solution can easily become its Achilles heal. If you have many servers that need connectivity to Azure, you are best to stand up a site-to-site connection due to the administrative burden involved with creating the connection. While it is fairly simple and easy, you don’t want to have to do this 50 times for 50 different servers.
One wish I have with the Azure Network Adapter is that Microsoft would add the flexibility for the communication to be two-way. At least in my testing and tinkering, there isn’t a way to allow communication from Azure back to the Azure Network Adapter. This would add a really great new option I think that would fit several use cases.
One of which I am thinking about is the Windows 365 Enterprise Cloud PC requirement to have an on-premises connection back to your on-premises Active Directory Domain Services (ADDS) server. It would be great to have this as a tool to quickly and easily do that.
However, all things considered, it still provides a quick and easy way to plumb in your on-premises Windows Server 2012 R2 to Windows Server 2022 server to your Azure network.