Create a virtual network (classic) using a network configuration file with PowerShell

An Azure virtual network (VNet) is a representation of your own network in the cloud. You can control your Azure network settings and define DHCP address blocks, DNS settings, security policies, and routing. You can also further segment your VNet into subnets and deploy Azure IaaS virtual machines (VMs) and PaaS role instances, in the same way you can deploy physical and virtual machines to your on-premises datacenter. In essence, you can expand your network to Azure, bringing your own IP address blocks. Read the virtual network overview if you are not familiar with VNets.


Before you work with Azure resources, it's important to understand that Azure currently has two deployment models: Azure Resource Manager and classic. Make sure you understand deployment models and tools before you work with any Azure resource. You can view the documentation for different tools by clicking the tabs at the top of this article.

This document covers creating a VNet by using the classic deployment model. You can also create a virtual network in the Resource Manager deployment model.


To illustrate how to create a VNet and subnets, this document uses the following scenario:

VNet scenario

In this scenario you create a VNet named TestVNet, with a reserved CIDR block of The VNet contains the following subnets:

  • FrontEnd, using as its CIDR block.
  • BackEnd, using as its CIDR block.

How to create a virtual network using a network config file from PowerShell

Azure uses an xml file to define all virtual networks available to a subscription. You can download this file, edit it to modify or delete existing virtual networks, and create new virtual networks. In this tutorial, you learn how to download this file, referred to as network configuration (or netcfg) file, and edit it to create a new virtual network. To learn more about the network configuration file, see the Azure virtual network configuration schema.

To create a virtual network with a netcfg file using PowerShell, complete the following steps:

  1. If you have never used Azure PowerShell, complete the steps in the How to Install and Configure Azure PowerShell article, then sign in to Azure and select your subscription.

  2. From the Azure PowerShell console, use the Get-AzureVnetConfig cmdlet to download the network configuration file to a directory on your computer by running the following command:

    Get-AzureVNetConfig -ExportToFile c:\azure\NetworkConfig.xml

    Expected output:

    <?xml version="1.0" encoding="utf-8"?>...
  3. Open the file you saved in step 2 using any XML or text editor application, and look for the <VirtualNetworkSites> element. If you have any networks already created, each network is displayed as its own <VirtualNetworkSite> element.

  4. To create the virtual network described in this scenario, add the following XML just under the <VirtualNetworkSites> element:

          <?xml version="1.0" encoding="utf-8"?>
          <NetworkConfiguration xmlns:xsd="" xmlns:xsi="" xmlns="">
                  <VirtualNetworkSite name="TestVNet" Location="East US">
                      <Subnet name="FrontEnd">
                      <Subnet name="BackEnd">
  5. Save the network configuration file.

  6. From the Azure PowerShell console, use the Set-AzureVnetConfig cmdlet to upload the network configuration file by running the following command:

    Set-AzureVNetConfig -ConfigurationPath c:\azure\NetworkConfig.xml

    Returned output:

    OperationDescription OperationId                          OperationStatus
    -------------------- -----------                          ---------------
    Set-AzureVNetConfig  <Id>                                 Succeeded 

    If OperationStatus is not Succeeded in the returned output, check the xml file for errors and complete step 6 again.

  7. From the Azure PowerShell console, use the Get-AzureVnetSite cmdlet to verify that the new network was added by running the following command:

    Get-AzureVNetSite -VNetName TestVNet

    The returned (abbreviated) output includes the following text:

    AddressSpacePrefixes : {}
    Location             : Central US
    Name                 : TestVNet
    State                : Created
    Subnets              : {FrontEnd, BackEnd}
    OperationDescription : Get-AzureVNetSite
    OperationStatus      : Succeeded