部署具有多个公共 IP 地址的 Azure 防火墙Deploy an Azure Firewall with multiple public IP addresses

若要使用 Azure 防火墙保护虚拟中心,可以使用 Azure PowerShell 部署具有多个公共 IP 地址的防火墙。If you want to protect a virtual hub using Azure Firewall, you can deploy the firewall with multiple public IP addresses using Azure PowerShell.

部署防火墙Deploy the firewall

按照以下 Azure PowerShell 示例部署具有多个公共 IP 地址的 Azure 防火墙,以保护虚拟中心。Use the following Azure PowerShell example to deploy an Azure Firewall with multiple public IP addresses to protect a virtual hub.

Select-AzSubscription -SubscriptionId <subscription ID> 

$rgName = <resource group name> 
$vHub = Get-AzVirtualHub -Name <hub name> 
$vHubId = $vHub.Id 
$fwpips = New-AzFirewallHubPublicIpAddress -Count 3
$hubIpAddresses = New-AzFirewallHubIpAddress -PublicIPs $fwpips 
$fw = New-AzFirewall -Name <firewall name> -ResourceGroupName $rgName `
     -Location <location> -Sku AZFW_Hub -HubIPAddresses $hubIpAddresses `
     -VirtualHubId $vHubId 

更新公共 IP 地址Update a public IP address

可以使用 Azure PowerShell 来更新 Azure 防火墙的公共 IP 地址。You can use Azure PowerShell to update a public IP address for an Azure Firewall. 以下示例从防火墙中删除一个公共 IP 地址。The following example deletes one public IP address from a firewall. 它一开始有三个公共 IP 地址。It starts with three public IP addresses.

Select-AzSubscription -SubscriptionId <subscription ID>

$azfw = get-azfirewall -Name <firewall name> -ResourceGroupName <resource group name>
$ip1 = New-AzFirewallPublicIpAddress -Address <first ip address to keep>
$ip2 = New-AzFirewallPublicIpAddress -Address <second ip address to keep>
$ipAddresses = $ip1,$ip2
$azfw.HubIPAddresses.publicIPs.Addresses = $ipAddresses
$azfw.HubIPAddresses.publicIPs.count = 2
Set-AzFirewall -AzureFirewall $azfw

后续步骤Next steps

什么是安全虚拟中心?What is a secured virtual hub?