lab

Azure Policy Guest Configuration for Linux - Part 1

I'm currently checking out Azure Policy Guest Configuration for Linux VMs and will note down my progress here. The whole process took me a while to understand, and I haven't used DSC before. Learning on the fly!

Objectives

  • Audit that a user is present on the system
  • Audit that a file with specific content is present in a specific path
  • Audit that a service is running
  • Continuous remediation of non-compliant systems

Zscaler Tunnels on Azure - Part 2 - Linux IPSec

In my last post, I created an IPSec tunnel to Zscaler using Azure VPN Gateway. Unfortunately, this setup does not work in a Virtual WAN environment, because spoke VNets can't have VNet gateways. Using VWAN VPN Gateways would make the VPN tunnel a branch, which is not what we need (I also want to avoid routing public IPs internally).

Another option would be to use the Linux server to do the DNAT and IPSec tunnel, so this is what we will explore here.

Zscaler Tunnels on Azure - Part 1 - VPN Gateway

This post will look at how to build IPSec tunnels to Zscaler on Azure with Azure VPN Gateway. The complete lab setup, including notes, is available here as Bicep files with additional notes and outputs.

The target setup should provide options to forward traffic to the Zscaler tunnels in both default-route and non-default-route environments.