Configure Route Tables in a Virtual Network

This “Configure Route Tables in a Virtual Network” IT Pro Challenges virtual lab teaches learners how to configure route tables in a virtual network so that all traffic is routed through a virtual firewall appliance. Skills learned in this lab are required in multiple job roles such as Azure Administrator, Network Administrator.

45 minutes
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *

Already have an account? Sign In »


A route table includes a set of rules, called routes, that defines how packets should be routed in a virtual network. Route tables are connected to subnets, and each packet transmitting a subnet is controlled based on the connected route table. An Azure Virtual Network (VNet) is an image of the network in the cloud. It is the legitimate privacy of the Azure cloud applied. You can use VNets to store and control virtual private networks (VPNs) in Azure and link the VNets with other VNets in Azure.

Configuration of a Route table and Virtual Network are crucial factors in the Microsoft Azure Administration tasks. In the IT-Pro challenge virtual lab, learners will be using an Azure resource group that contains an existing storage account for use with Cloud Shell, a virtual network, and virtual machines to configure Route tables.

Understand the Scenario

An Azure Administrator is accountable for executing, monitoring, and maintaining Microsoft Azure solutions, including primary duties such as storage, network, and security. In this hands-on virtual lab, you are an Azure administrator assigned to create and configure route tables and associate them with existing subnets in a virtual network in Azure. The job responsibility is to ensure that all traffic between the front-end and back-end subnets of the virtual network are routed through a firewall virtual appliance. To execute this challenge, learners will create the route tables and routes, and then associate them to the subnets. Next, they will install a utility on one of the virtual machines to test the routes and verify that traffic is routed through the virtual appliance as expected.

Configure the front-end route table

Azure has various system routes already pre-defined that control the movement of traffic between the internet, on-premises devices, and other devices. Azure implicitly routes traffic between subnets, virtual networks, and on-premises networks. If you want to change any of its default routing, you make it happen by creating a route table. In this challenge, the first step is to configure the frontend route table. To execute this task, learners will first create a route table named app-frontend-rt and disable BGP route propagation and associate the app-frontend-rt route table with the subnet frontend in the virtual network app-vnet. Finally, you will check and confirm the creation of a route table named app-frontend-rt with a route named to-backend, and associated it with the subnet frontend.

Configure the back-end route table

After configuring the front-end route table, the next important step is to configure the back-end route table. This is a three-step procedure where learners will learn how to:

  • Create a route table named app-backend-rt in the same region as the resource group, and disable BGP route propagation.
  • Create a route named to-frontend to the front-end address prefix and set the next hop to Virtual appliance with the given address.
  • Associate the app-backend-rt route table with the subnet backend in the virtual network app-vnet.

Enable IP forwarding on the virtual appliance

IP forwarding, also called Internet routing, is a method applied to resolve which route a packet can be addressed. The method utilizes routing data to decide and is outlined to transfer a packet over various networks. After configuring both front-end and back-end, you will learn how to enable IP forwarding on the virtual appliance. In this segment of the lab, learners will learn how to:

  • Create a new file share named cloud-shell-share in the existing storage account cs1dpymovugai11667321 by using BASH.
  • Connect to the public IP address of the app-firewall virtual machine using a secure shell (SSH) with the given credentials in the Cloud Shell.
  • To enable IP forwarding.

Lab Summary Conclusion

After completing the “Configure Route Tables in a Virtual Network” virtual lab, you will have accomplished the following:

  • Created route tables and routes.
  • Associated the route tables with existing subnets in a virtual network.
  • Started Cloud Shell and configured storage in order to use SSH.
  • Installed the traceroute utility and confirmed the first hop was routed according to the route table.

Whether you want an improvement to your earning potential in your current job position, or you are looking to start a new career, this hands-on lab will provide you with the knowledge and skills that are required to succeed as an IT professional.