-1

I have created a DTL using template from here - https://github.com/Azure/azure-devtestlab/blob/master/Samples/101-dtl-create-lab/azuredeploy.json

After that i am changing the subnet and creating a P2S VPN using below script-

$VNetName = "dtlinfratest2"
$RG = "infratest2"
$Location = "westeurope"
$MyP2SRootCertPubKeyBase64 = "XXXXXXX"

# each virtaul network is inside a dev test lab so below values can hold good for all cases.
# Note: This is going to fail if VM exists in the virtual network
$GWSubName = "GatewaySubnet"
$VNetPrefix1 = "10.0.0.0/16"
$SubPrefix = "10.0.0.0/24"
$GWSubPrefix = "10.0.200.0/26"
$VPNClientAddressPool = "132.16.201.0/24"
$GWName = "GateWay"
$GWIPName = "GateWayIP"
$GWIPconfName = "GateWayIPConfig"

$vnet = Get-AzureRmVirtualNetwork -Name $VNetName -ResourceGroupName $RG

$fesub = New-AzureRmVirtualNetworkSubnetConfig -Name $vnet.Subnets.name -AddressPrefix $SubPrefix
$gwsub = New-AzureRmVirtualNetworkSubnetConfig -Name $GWSubName -AddressPrefix $GWSubPrefix
$vn = New-AzureRmVirtualNetwork -Name $VNetName -ResourceGroupName $RG -Location $Location -AddressPrefix $VNetPrefix1 -Subnet $fesub, $gwsub -Force

$subnet = Get-AzureRmVirtualNetworkSubnetConfig -Name $GWSubName -VirtualNetwork $vn

$pip = New-AzureRmPublicIpAddress -Name $GWIPName -ResourceGroupName $RG -Location $Location -AllocationMethod Dynamic
$ipconf = New-AzureRmVirtualNetworkGatewayIpConfig -Name $GWIPconfName -Subnet $subnet -PublicIpAddress $pip

$p2srootcert = New-AzureRmVpnClientRootCertificate -Name "P2SVNETRootCertName" -PublicCertData $MyP2SRootCertPubKeyBase64
New-AzureRmVirtualNetworkGateway -Name $GWName -ResourceGroupName $RG -Location $Location -IpConfigurations $ipconf -GatewayType Vpn -VpnType RouteBased -EnableBgp $false -GatewaySku Standard -VpnClientAddressPool $VPNClientAddressPool -VpnClientRootCertificates $p2srootcert

I am creating VMs without any issues in the subnet and after a pre-defined time the VMs are expiring and after that I observed that the VM creation is failing inside the lab. Error Message-

Subnet DtlInfraTest2Subnet either is not enabled or is not part of specified virtual network /subscriptions/XXXXX/resourcegroups/infratest2/providers/microsoft.devtestlab/labs/infratest2/virtualnetworks/dtlinfratest2

I checked the network tab inside the lab and found that the "USE IN VIRTUAL MACHINE CREATION" is off and unless I tick that green manually I am not able to create VM.

enter image description here

I tried searching for a powershell command but couldn't find one. By default when we create the VM using template the "USE IN VIRTUAL MACHINE CREATION" but goes off when all the VMs expire automatically

Joy Wang
  • 39,905
  • 3
  • 30
  • 54
Aatif Akhter
  • 2,126
  • 1
  • 25
  • 46

2 Answers2

1

I tried searching for a powershell command but couldn't find one.

Try the command below to set USE IN VIRTUAL MACHINE CREATION of lab subnet to Yes.

$a = Get-AzureRmResource -ResourceGroupName <ResourceGroupName> -ResourceType Microsoft.DevTestLab/labs/virtualnetworks -ResourceName "<your DevTest Lab name>/<Vnet name>" -ApiVersion 2016-05-15
$labSubnet = $a.Properties.subnetOverrides | Where-Object {$_.labSubnetName -eq "your labsubnet name"} 
$labSubnet.useInVmCreationPermission = "Allow"
$a | Set-AzureRmResource -Force -ApiVersion 2016-05-15

enter image description here

Check in the portal:

enter image description here

Joy Wang
  • 39,905
  • 3
  • 30
  • 54
  • Did you manually disable the "USE IN VIRTUAL MACHINE CREATION" to NO before running the command. Coz the commands seems to give the same output but the effect is not seen on the portal – Aatif Akhter Oct 17 '18 at 10:43
  • @Atf It doesn't matter, you could also use the command to disable it, if you want to do so, just change `Allow` to `Deny`, it works fine on my side. If not effect, try to refresh the portal and check the command. – Joy Wang Oct 17 '18 at 11:38
  • I can see the PS output but in my case this is not reflecting in the portal and again I am not able to create VM – Aatif Akhter Oct 17 '18 at 11:51
  • @Atf Make sure you use the command in subnet not gatewaysubnet. – Joy Wang Oct 17 '18 at 12:12
  • Yeah, tried that. Marking this question as helpful. Sorry since couldn't match what i was actually looking at hence not accepting it as a complete solution – Aatif Akhter Oct 22 '18 at 07:54
0

The error message means that you need to enable the subnet for a VM creation. I follow the template you linked and the scripts you provided to create a DTL and P2S VPN and subnets successfully. Here is the default virtual network setting after running the scripts. You can try to click the red partition below to enable USE IN VIRTUAL MACHINE CREATION.

enter image description here

Or includes subnetOverrides template to your code to enable the subnet. You can get A sample template

   "subnetOverrides": [
                            {
                                "name": "[parameters('existingSubnetName')]",
                                "resourceId": "[variables('existingSubnetId')]",
                                "useInVmCreationPermission": "Allow",
                                "usePublicIpAddressPermission": "Allow"
                            }
                        ]
Nancy
  • 26,865
  • 3
  • 18
  • 34