You must configure network-to-Azure connectivity if you want to use Software components in Azure blueprints.


  • Install and fully configure vRealize Automation. See Install and Configure a vRealize Automation Proof of Concept Deployment for Rainpole.

  • Create an Azure security group called TunnelGroup and configure it to allow access on port 22.

  • Create or identify a CentOS machine in your Azure TunnelGroup security group and note the following configurations:

    • Administrative user credentials, for example root.

    • Public IP address.

    • Private IP address.

  • Create or identify a CentOS machine on the same local network as your vRealize Automation installation.

  • Install OpenSSH SSHD Server on both tunnel machines.


  1. Log in to your Azure tunnel machine as the root user or similar.
  2. Disable iptables.
    # service iptables save
    # service iptables stop
    # chkconfig iptables off
  3. Edit /etc/ssh/sshd_config to enable AllowTCPForwarding and GatewayPorts.
  4. Restart the service.
    /etc/init.d/sshd restart
  5. Log in to the CentOS machine on the same local network as your vRealize Automation installation as the root user.
  6. Invoke the SSH Tunnel from the local network machine to the Azure tunnel machine.
    ssh -N -v -o "ServerAliveInterval 30" -o "ServerAliveCountMax 40" -o "TCPKeepAlive yes” \
        -R 1442:vRealize_automation_appliance_fqdn:5480 \
        -R 1443:vRealize_automation_appliance_fqdn:443 \
        -R 1444:manager_service_fqdn:443 \
        User of Azure tunnel machine@Public IP Address of Azure tunnel machine

    You configured port forwarding to allow your Azure tunnel machine to access vRealize Automation resources, but your SSH tunnel does not function until you configure an Azure reservation to route through the tunnel.

What to do next

  1. Install the software bootstrap agent and the guest agent on a Windows or Linux reference machine to create an Azure Machine Image that your IaaS architects can use to create blueprints. See Preparing for Software Provisioning.

  2. Configure your Azure reservation in vRealize Automation to route through your SSH tunnel. See Create a Reservation for Microsoft Azure.