shanhix1 · Feb 5, 2018
diff --git a/‎articles/application-gateway/TOC.md
Lines changed: 3 additions & 0 deletions b/‎articles/application-gateway/TOC.md
Lines changed: 3 additions & 0 deletions
diff --git a/‎articles/application-gateway/media/tutorial-internal-site-redirect-cli/application-gateway-nginxtest.PNG
40 KB b/‎articles/application-gateway/media/tutorial-internal-site-redirect-cli/application-gateway-nginxtest.PNG
40 KB
diff --git a/‎articles/application-gateway/media/tutorial-internal-site-redirect-powershell/application-gateway-iistest.PNG
13.4 KB b/‎articles/application-gateway/media/tutorial-internal-site-redirect-powershell/application-gateway-iistest.PNG
13.4 KB
diff --git a/‎articles/application-gateway/tutorial-internal-site-redirect-cli.md
Lines changed: 226 additions & 0 deletions b/‎articles/application-gateway/tutorial-internal-site-redirect-cli.md
Lines changed: 226 additions & 0 deletions
diff --git a/‎articles/application-gateway/tutorial-internal-site-redirect-powershell.md
Lines changed: 313 additions & 0 deletions b/‎articles/application-gateway/tutorial-internal-site-redirect-powershell.md
Lines changed: 313 additions & 0 deletions
@@ -45,6 +45,9 @@
 ## Configure external redirection
 ### [Azure PowerShell](tutorial-external-site-redirect-cli.md)
 ### [Azure CLI](tutorial-external-site-redirect-powershell.md)
+## Configure internal redirection
+### [Azure PowerShell](tutorial-internal-site-redirect-cli.md)
+### [Azure CLI](tutorial-internal-site-redirect-powershell.md)
 ## Configure web apps as backend pool members
 ### [Azure PowerShell](application-gateway-web-app-powershell.md)
 ## Configure health probes
 
@@ -0,0 +1,226 @@
+---
+title: Create an application gateway with internal redirection - Azure CLI | Microsoft Docs
+description: Learn how to create an application gateway that redirects internal web traffic to the appropriate pool using the Azure CLI.
+services: application-gateway
+author: davidmu1
+manager: timlt
+editor: tysonn
+
+ms.service: application-gateway
+ms.devlang: na
+ms.topic: article
+ms.tgt_pltfrm: na
+ms.workload: infrastructure-services
+ms.date: 01/24/2018
+ms.author: davidmu
+
+---
+# Create an application gateway with internal redirection using the Azure CLI
+
+You can use the Azure CLI to configure [web traffic redirection](application-gateway-multi-site-overview.md) when you create an [application gateway](application-gateway-introduction.md). In this tutorial, you create a backend pool using a virtual machines scale set. You then configure listeners and rules based on domains that you own to make sure web traffic arrives at the appropriate pool. This tutorial assumes that you own multiple domains and uses examples of *www.contoso.com* and *www.contoso.org*.
+
+In this article, you learn how to:
+
+> [!div class="checklist"]
+> * Set up the network
+> * Create an application gateway
+> * Add listeners and redirection rule
+> * Create a virtual machine scale set with the backend pool
+> * Create a CNAME record in your domain
+
+If you don't have an Azure subscription, create a [free account](https://azure.microsoft.com/free/?WT.mc_id=A261C142F) before you begin.
+
+[!INCLUDE [cloud-shell-try-it.md](../../includes/cloud-shell-try-it.md)]
+
+If you choose to install and use the CLI locally, this quickstart requires that you are running the Azure CLI version 2.0.4 or later. To find the version, run `az --version`. If you need to install or upgrade, see [Install Azure CLI 2.0](/cli/azure/install-azure-cli).
+
+## Create a resource group
+
+A resource group is a logical container into which Azure resources are deployed and managed. Create a resource group using [az group create](/cli/azure/group#create).
+
+The following example creates a resource group named *myResourceGroupAG* in the *eastus* location.
+
+```azurecli-interactive 
+az group create --name myResourceGroupAG --location eastus
+```
+
+## Create network resources 
+
+Create the virtual network named *myVNet* and the subnet named *myAGSubnet* using [az network vnet create](/cli/azure/network/vnet#az_net). You can then add the subnet named *myBackendSubnet* that's needed by the backend pool of servers using [az network vnet subnet create](/cli/azure/network/vnet/subnet#az_network_vnet_subnet_create). Create the public IP address named *myAGPublicIPAddress* using [az network public-ip create](/cli/azure/public-ip#az_network_public_ip_create).
+
+```azurecli-interactive
+az network vnet create \
+  --name myVNet \
+  --resource-group myResourceGroupAG \
+  --location eastus \
+  --address-prefix 10.0.0.0/16 \
+  --subnet-name myAGSubnet \
+  --subnet-prefix 10.0.1.0/24
+az network vnet subnet create \
+  --name myBackendSubnet \
+  --resource-group myResourceGroupAG \
+  --vnet-name myVNet \
+  --address-prefix 10.0.2.0/24
+az network public-ip create \
+  --resource-group myResourceGroupAG \
+  --name myAGPublicIPAddress
+```
+
+## Create the application gateway
+
+You can use [az network application-gateway create](/cli/azure/application-gateway#create) to create the application gateway named *myAppGateway*. When you create an application gateway using the Azure CLI, you specify configuration information, such as capacity, sku, and HTTP settings. The application gateway is assigned to *myAGSubnet* and *myAGPublicIPAddress* that you previously created. 
+
+```azurecli-interactive
+az network application-gateway create \
+  --name myAppGateway \
+  --location eastus \
+  --resource-group myResourceGroupAG \
+  --vnet-name myVNet \
+  --subnet myAGsubnet \
+  --capacity 2 \
+  --sku Standard_Medium \
+  --http-settings-cookie-based-affinity Disabled \
+  --frontend-port 80 \
+  --http-settings-port 80 \
+  --http-settings-protocol Http \
+  --public-ip-address myAGPublicIPAddress
+```
+
+It may take several minutes for the application gateway to be created. After the application gateway is created, you can see these new features of it:
+
+- *appGatewayBackendPool* - An application gateway must have at least one backend address pool.
+- *appGatewayBackendHttpSettings* - Specifies that port 80 and an HTTP protocol is used for communication.
+- *appGatewayHttpListener* - The default listener associated with *appGatewayBackendPool*.
+- *appGatewayFrontendIP* - Assigns *myAGPublicIPAddress* to *appGatewayHttpListener*.
+- *rule1* - The default routing rule that is associated with *appGatewayHttpListener*.
+
+
+## Add listeners and rules 
+
+A listener is required to enable the application gateway to route traffic appropriately to the backend pool. In this tutorial, you create two listeners for your two domains. In this example, listeners are created for the domains of *www.contoso.com* and *www.contoso.org*.
+
+Add the backend listeners that are needed to route traffic using [az network application-gateway http-listener create](/cli/azure/application-gateway#az_network_application_gateway_http_listener_create).
+
+```azurecli-interactive
+az network application-gateway http-listener create \
+  --name contosoComListener \
+  --frontend-ip appGatewayFrontendIP \
+  --frontend-port appGatewayFrontendPort \
+  --resource-group myResourceGroupAG \
+  --gateway-name myAppGateway \
+  --host-name www.contoso.com
+az network application-gateway http-listener create \
+  --name contosoOrgListener \
+  --frontend-ip appGatewayFrontendIP \
+  --frontend-port appGatewayFrontendPort \
+  --resource-group myResourceGroupAG \
+  --gateway-name myAppGateway \
+  --host-name www.contoso.org   
+  ```
+
+### Add the redirection configuration
+
+Add the redirection configuration that sends traffic from *www.consoto.org* to the listener for *www.contoso.com* in the application gateway using [az network application-gateway redirect-config create](/cli/azure/network/application-gateway/redirect-config#az_network_application_gateway_redirect_config_create).
+
+```azurecli-interactive
+az network application-gateway redirect-config create \
+  --name orgToCom \
+  --gateway-name myAppGateway \
+  --resource-group myResourceGroupAG \
+  --type Permanent \
+  --target-listener contosoComListener \
+  --include-path true \
+  --include-query-string true
+```
+
+### Add routing rules
+
+Rules are processed in the order in which they are created, and traffic is directed using the first rule that matches the URL sent to the application gateway. The default basic rule that was created is not needed in this tutorial. In this example, you create two new rules named *contosoComRule* and *contosoOrgRule* and delete the default rule that was created.  You can add the rules using [az network application-gateway rule create](/cli/azure/application-gateway#az_network_application_gateway_rule_create).
+
+```azurecli-interactive
+az network application-gateway rule create \
+  --gateway-name myAppGateway \
+  --name contosoComRule \
+  --resource-group myResourceGroupAG \
+  --http-listener contosoComListener \
+  --rule-type Basic \
+  --address-pool appGatewayBackendPool
+az network application-gateway rule create \
+  --gateway-name myAppGateway \
+  --name contosoOrgRule \
+  --resource-group myResourceGroupAG \
+  --http-listener contosoOrgListener \
+  --rule-type Basic \
+  --redirect-config orgToCom
+az network application-gateway rule delete \
+  --gateway-name myAppGateway \
+  --name rule1 \
+  --resource-group myResourceGroupAG
+```
+
+## Create virtual machine scale sets
+
+In this example, you create a virtual machine scale set that supports the default backend pool that was created. The scale set that you create is named *myvmss* and contains two virtual machine instances on which you install NGINX.
+
+```azurecli-interactive
+az vmss create \
+  --name myvmss \
+  --resource-group myResourceGroupAG \
+  --image UbuntuLTS \
+  --admin-username azureuser \
+  --admin-password Azure123456! \
+  --instance-count 2 \
+  --vnet-name myVNet \
+  --subnet myBackendSubnet \
+  --vm-sku Standard_DS2 \
+  --upgrade-policy-mode Automatic \
+  --app-gateway myAppGateway \
+  --backend-pool-name appGatewayBackendPool
+```
+
+### Install NGINX
+
+```azurecli-interactive
+az vmss extension set \
+  --publisher Microsoft.Azure.Extensions \
+  --version 2.0 \
+  --name CustomScript \
+  --resource-group myResourceGroupAG \
+  --vmss-name myvmss \
+  --settings '{ "fileUris": ["https://raw.githubusercontent.com/davidmu1/samplescripts/master/install_nginx.sh"],
+  "commandToExecute": "./install_nginx.sh" }'
+```
+
+## Create CNAME record in your domain
+
+After the application gateway is created with its public IP address, you can get the DNS address and use it to create a CNAME record in your domain. You can use [az network public-ip show](/cli/azure/network/public-ip#az_network_public_ip_show) to get the DNS address of the application gateway. Copy the *fqdn* value of the DNSSettings and use it as the value of the CNAME record that you create. The use of A-records is not recommended because the VIP may change when the application gateway is restarted.
+
+```azurecli-interactive
+az network public-ip show \
+  --resource-group myResourceGroupAG \
+  --name myAGPublicIPAddress \
+  --query [dnsSettings.fqdn] \
+  --output tsv
+```
+
+## Test the application gateway
+
+Enter your domain name into the address bar of your browser. Such as, http://www.contoso.com.
+
+![Test contoso site in application gateway](./media/tutorial-internal-site-redirect-cli/application-gateway-nginxtest.png)
+
+Change the address to your other domain, for example http://www.contoso.org and you should see that the traffic has been redirected back to the listener for www.contoso.com.
+
+## Next steps
+
+In this tutorial, you learned how to:
+
+> [!div class="checklist"]
+> * Set up the network
+> * Create an application gateway
+> * Add listeners and redirection rule
+> * Create a virtual machine scale set with the backend pool
+> * Create a CNAME record in your domain
+
+> [!div class="nextstepaction"]
+> [Learn more about what you can do with application gateway](./application-gateway-introduction.md)
@@ -0,0 +1,313 @@
+---
+title: Create an application gateway with internal redirection - Azure PowerShell | Microsoft Docs
+description: Learn how to create an application gateway that redirects internal web traffic to the appropriate backend pool of servers using Azure Powershell.
+services: application-gateway
+author: davidmu1
+manager: timlt
+editor: tysonn
+
+ms.service: application-gateway
+ms.devlang: na
+ms.topic: article
+ms.tgt_pltfrm: na
+ms.workload: infrastructure-services
+ms.date: 01/23/2018
+ms.author: davidmu
+
+---
+# Create an application gateway with internal redirection using Azure PowerShell
+
+You can use Azure Powershell to configure [web traffic redirection](application-gateway-multi-site-overview.md) when you create an [application gateway](application-gateway-introduction.md). In this tutorial, you define a backend pool using a virtual machines scale set. You then configure listeners and rules based on domains that you own to make sure web traffic arrives at the appropriate pool. This tutorial assumes that you own multiple domains and uses examples of *www.contoso.com* and *www.contoso.org*.
+
+In this article, you learn how to:
+
+> [!div class="checklist"]
+> * Set up the network
+> * Create an application gateway
+> * Add listeners and redirection rule
+> * Create a virtual machine scale set with the backend pool
+> * Create a CNAME record in your domain
+
+If you don't have an Azure subscription, create a [free account](https://azure.microsoft.com/free/?WT.mc_id=A261C142F) before you begin.
+
+[!INCLUDE [cloud-shell-powershell.md](../../includes/cloud-shell-powershell.md)]
+
+If you choose to install and use the PowerShell locally, this tutorial requires the Azure PowerShell module version 3.6 or later. To find the version, run ` Get-Module -ListAvailable AzureRM` . If you need to upgrade, see [Install Azure PowerShell module](/powershell/azure/install-azurerm-ps). If you are running PowerShell locally, you also need to run `Login-AzureRmAccount` to create a connection with Azure.
+
+## Create a resource group
+
+A resource group is a logical container into which Azure resources are deployed and managed. Create an Azure resource group using [New-AzureRmResourceGroup](/powershell/module/azurerm.resources/new-azurermresourcegroup).  
+
+```azurepowershell-interactive
+New-AzureRmResourceGroup -Name myResourceGroupAG -Location eastus
+```
+
+## Create network resources
+
+Create the subnet configurations for *myBackendSubnet* and *myAGSubnet* using [New-AzureRmVirtualNetworkSubnetConfig](/powershell/module/azurerm.network/new-azurermvirtualnetworksubnetconfig). Create the virtual network named *myVNet* using [New-AzureRmVirtualNetwork](/powershell/module/azurerm.network/new-azurermvirtualnetwork) with the subnet configurations. And finally, create the public IP address named *myAGPublicIPAddress* using [New-AzureRmPublicIpAddress](/powershell/module/azurerm.network/new-azurermpublicipaddress). These resources are used to provide network connectivity to the application gateway and its associated resources.
+
+```azurepowershell-interactive
+$backendSubnetConfig = New-AzureRmVirtualNetworkSubnetConfig `
+  -Name myBackendSubnet `
+  -AddressPrefix 10.0.1.0/24
+$agSubnetConfig = New-AzureRmVirtualNetworkSubnetConfig `
+  -Name myAGSubnet `
+  -AddressPrefix 10.0.2.0/24
+$vnet = New-AzureRmVirtualNetwork `
+  -ResourceGroupName myResourceGroupAG `
+  -Location eastus `
+  -Name myVNet `
+  -AddressPrefix 10.0.0.0/16 `
+  -Subnet $backendSubnetConfig, $agSubnetConfig
+$pip = New-AzureRmPublicIpAddress `
+  -ResourceGroupName myResourceGroupAG `
+  -Location eastus `
+  -Name myAGPublicIPAddress `
+  -AllocationMethod Dynamic
+```
+
+## Create an application gateway
+
+### Create the IP configurations and frontend port
+
+Associate *myAGSubnet* that you previously created to the application gateway using [New-AzureRmApplicationGatewayIPConfiguration](/powershell/module/azurerm.network/new-azurermapplicationgatewayipconfiguration). Assign *myAGPublicIPAddress* to the application gateway using [New-AzureRmApplicationGatewayFrontendIPConfig](/powershell/module/azurerm.network/new-azurermapplicationgatewayfrontendipconfig). And then you can create the HTTP port using [New-AzureRmApplicationGatewayFrontendPort](/powershell/module/azurerm.network/new-azurermapplicationgatewayfrontendport).
+
+```azurepowershell-interactive
+$vnet = Get-AzureRmVirtualNetwork `
+  -ResourceGroupName myResourceGroupAG `
+  -Name myVNet
+$subnet=$vnet.Subnets[0]
+$pip = Get-AzureRmPublicIpAddress `
+  -ResourceGroupName myResourceGroupAG `
+  -Name myAGPublicIPAddress
+$gipconfig = New-AzureRmApplicationGatewayIPConfiguration `
+  -Name myAGIPConfig `
+  -Subnet $subnet
+$fipconfig = New-AzureRmApplicationGatewayFrontendIPConfig `
+  -Name myAGFrontendIPConfig `
+  -PublicIPAddress $pip
+$frontendPort = New-AzureRmApplicationGatewayFrontendPort `
+  -Name myFrontendPort `
+  -Port 80
+```
+
+### Create the backend pool and settings
+
+Create a backend pool named *contosoPool* for the application gateway using [New-AzureRmApplicationGatewayBackendAddressPool](/powershell/module/azurerm.network/new-azurermapplicationgatewaybackendaddresspool). Configure the settings for the backend pool using [New-AzureRmApplicationGatewayBackendHttpSettings](/powershell/module/azurerm.network/new-azurermapplicationgatewaybackendhttpsettings).
+
+```azurepowershell-interactive
+$contosoPool = New-AzureRmApplicationGatewayBackendAddressPool `
+  -Name contosoPool 
+$poolSettings = New-AzureRmApplicationGatewayBackendHttpSettings `
+  -Name myPoolSettings `
+  -Port 80 `
+  -Protocol Http `
+  -CookieBasedAffinity Enabled `
+  -RequestTimeout 120
+```
+
+### Create the first listener and rule
+
+A listener is required to enable the application gateway to route traffic appropriately to the backend pool. In this tutorial, you create two listeners for your two domains. In this example, listeners are created for the domains of *www.contoso.com* and *www.contoso.org*.
+
+Create the first listener named *contosoComListener* using [New-AzureRmApplicationGatewayHttpListener](/powershell/module/azurerm.network/new-azurermapplicationgatewayhttplistener) with the frontend configuration and frontend port that you previously created. A rule is required for the listener to know which backend pool to use for incoming traffic. Create a basic rule named *contosoComRule* using [New-AzureRmApplicationGatewayRequestRoutingRule](/powershell/module/azurerm.network/new-azurermapplicationgatewayrequestroutingrule).
+
+```azurepowershell-interactive
+$contosoComlistener = New-AzureRmApplicationGatewayHttpListener `
+  -Name contosoComListener `
+  -Protocol Http `
+  -FrontendIPConfiguration $fipconfig `
+  -FrontendPort $frontendPort `
+  -HostName "www.contoso.com"
+$frontendRule = New-AzureRmApplicationGatewayRequestRoutingRule `
+  -Name contosoComRule `
+  -RuleType Basic `
+  -HttpListener $contosoComListener `
+  -BackendAddressPool $contosoPool `
+  -BackendHttpSettings $poolSettings
+```
+
+### Create the application gateway
+
+Now that you created the necessary supporting resources, specify parameters for the application gateway named *myAppGateway* using [New-AzureRmApplicationGatewaySku](/powershell/module/azurerm.network/new-azurermapplicationgatewaysku), and then create it using [New-AzureRmApplicationGateway](/powershell/module/azurerm.network/new-azurermapplicationgateway).
+
+```azurepowershell-interactive
+$sku = New-AzureRmApplicationGatewaySku `
+  -Name Standard_Medium `
+  -Tier Standard `
+  -Capacity 2
+$appgw = New-AzureRmApplicationGateway `
+  -Name myAppGateway `
+  -ResourceGroupName myResourceGroupAG `
+  -Location eastus `
+  -BackendAddressPools $contosoPool `
+  -BackendHttpSettingsCollection $poolSettings `
+  -FrontendIpConfigurations $fipconfig `
+  -GatewayIpConfigurations $gipconfig `
+  -FrontendPorts $frontendPort `
+  -HttpListeners $contosoComListener `
+  -RequestRoutingRules $frontendRule `
+  -Sku $sku
+```
+
+### Add the second listener
+
+Add the listener named *contosoOrgListener* that's needed to redirect traffic using [Add-AzureRmApplicationGatewayHttpListener](/powershell/module/azurerm.network/add-azurermapplicationgatewayhttplistener).
+
+```azurepowershell-interactive
+$appgw = Get-AzureRmApplicationGateway `
+  -ResourceGroupName myResourceGroupAG `
+  -Name myAppGateway
+$frontendPort = Get-AzureRmApplicationGatewayFrontendPort `
+  -Name myFrontendPort `
+  -ApplicationGateway $appgw
+$ipconfig = Get-AzureRmApplicationGatewayFrontendIPConfig `
+  -Name myAGFrontendIPConfig `
+  -ApplicationGateway $appgw
+Add-AzureRmApplicationGatewayHttpListener `
+  -ApplicationGateway $appgw `
+  -Name contosoOrgListener `
+  -Protocol Http `
+  -FrontendIPConfiguration $ipconfig `
+  -FrontendPort $frontendPort `
+  -HostName "www.contoso.org"
+Set-AzureRmApplicationGateway -ApplicationGateway $appgw
+```
+
+### Add the redirection configuration
+
+You can configure redirection for the listener using [Add-AzureRmApplicationGatewayRedirectConfiguration](/powershell/module/azurerm.network/add-azurermapplicationgatewayredirectconfiguration). 
+
+```azurepowershell-interactive
+$appgw = Get-AzureRmApplicationGateway `
+  -ResourceGroupName myResourceGroupAG `
+  -Name myAppGateway
+$contosoComlistener = Get-AzureRmApplicationGatewayHttpListener `
+  -Name contosoComListener `
+  -ApplicationGateway $appgw
+$contosoOrglistener = Get-AzureRmApplicationGatewayHttpListener `
+  -Name contosoOrgListener `
+  -ApplicationGateway $appgw
+Add-AzureRmApplicationGatewayRedirectConfiguration `
+  -ApplicationGateway $appgw `
+  -Name redirectOrgtoCom `
+  -RedirectType Found `
+  -TargetListener $contosoComListener `
+  -IncludePath $true `
+  -IncludeQueryString $true
+Set-AzureRmApplicationGateway -ApplicationGateway $appgw
+```
+
+### Add the second routing rule
+
+You can then associate the redirection configuration to a new rule named *contosoOrgRule* using [Add-AzureRmApplicationGatewayRequestRoutingRule](/powershell/module/azurerm.network/add-azurermapplicationgatewayrequestroutingrule).
+
+```azurepowershell-interactive
+$appgw = Get-AzureRmApplicationGateway `
+  -ResourceGroupName myResourceGroupAG `
+  -Name myAppGateway
+$contosoOrglistener = Get-AzureRmApplicationGatewayHttpListener `
+  -Name contosoOrgListener `
+  -ApplicationGateway $appgw
+$redirectConfig = Get-AzureRmApplicationGatewayRedirectConfiguration `
+  -Name redirectOrgtoCom `
+  -ApplicationGateway $appgw   
+Add-AzureRmApplicationGatewayRequestRoutingRule `
+  -ApplicationGateway $appgw `
+  -Name contosoOrgRule `
+  -RuleType Basic `
+  -HttpListener $contosoOrgListener `
+  -RedirectConfiguration $redirectConfig
+Set-AzureRmApplicationGateway -ApplicationGateway $appgw
+```
+
+## Create virtual machine scale set
+
+In this example, you create a virtual machine scale set that supports the backend pool that you created. The scale set that you create is named *myvmss* and contains two virtual machine instances on which you install IIS. You assign the scale set to the backend pool when you configure the IP settings.
+
+```azurepowershell-interactive
+$vnet = Get-AzureRmVirtualNetwork `
+  -ResourceGroupName myResourceGroupAG `
+  -Name myVNet
+$appgw = Get-AzureRmApplicationGateway `
+  -ResourceGroupName myResourceGroupAG `
+  -Name myAppGateway
+$backendPool = Get-AzureRmApplicationGatewayBackendAddressPool `
+  -Name contosoPool `
+  -ApplicationGateway $appgw
+$ipConfig = New-AzureRmVmssIpConfig `
+  -Name myVmssIPConfig `
+  -SubnetId $vnet.Subnets[1].Id `
+  -ApplicationGatewayBackendAddressPoolsId $backendPool.Id
+$vmssConfig = New-AzureRmVmssConfig `
+  -Location eastus `
+  -SkuCapacity 2 `
+  -SkuName Standard_DS2 `
+  -UpgradePolicyMode Automatic
+Set-AzureRmVmssStorageProfile $vmssConfig `
+  -ImageReferencePublisher MicrosoftWindowsServer `
+  -ImageReferenceOffer WindowsServer `
+  -ImageReferenceSku 2016-Datacenter `
+  -ImageReferenceVersion latest
+Set-AzureRmVmssOsProfile $vmssConfig `
+  -AdminUsername azureuser `
+  -AdminPassword "Azure123456!" `
+  -ComputerNamePrefix myvmss
+Add-AzureRmVmssNetworkInterfaceConfiguration `
+  -VirtualMachineScaleSet $vmssConfig `
+  -Name myVmssNetConfig `
+  -Primary $true `
+  -IPConfiguration $ipConfig
+New-AzureRmVmss `
+  -ResourceGroupName myResourceGroupAG `
+  -Name myvmss `
+  -VirtualMachineScaleSet $vmssConfig
+```
+
+### Install IIS
+
+```azurepowershell-interactive
+$publicSettings = @{ "fileUris" = (,"https://raw.githubusercontent.com/davidmu1/samplescripts/master/appgatewayurl.ps1"); 
+  "commandToExecute" = "powershell -ExecutionPolicy Unrestricted -File appgatewayurl.ps1" }
+$vmss = Get-AzureRmVmss -ResourceGroupName myResourceGroupAG -VMScaleSetName myvmss
+Add-AzureRmVmssExtension -VirtualMachineScaleSet $vmss `
+  -Name "customScript" `
+  -Publisher "Microsoft.Compute" `
+  -Type "CustomScriptExtension" `
+  -TypeHandlerVersion 1.8 `
+  -Setting $publicSettings
+Update-AzureRmVmss `
+  -ResourceGroupName myResourceGroupAG `
+  -Name myvmss `
+  -VirtualMachineScaleSet $vmss
+```
+
+## Create CNAME record in your domain
+
+After the application gateway is created with its public IP address, you can get the DNS address and use it to create a CNAME record in your domain. You can use [Get-AzureRmPublicIPAddress](/powershell/module/azurerm.network/get-azurermpublicipaddress) to get the DNS address of the application gateway. Copy the *fqdn* value of the DNSSettings and use it as the value of the CNAME record that you create. The use of A-records is not recommended because the VIP may change when the application gateway is restarted.
+
+```azurepowershell-interactive
+Get-AzureRmPublicIPAddress -ResourceGroupName myResourceGroupAG -Name myAGPublicIPAddress
+```
+
+## Test the application gateway
+
+Enter your domain name into the address bar of your browser. Such as, http://www.contoso.com.
+
+![Test contoso site in application gateway](./media/tutorial-internal-site-redirect-powershell/application-gateway-iistest.png)
+
+Change the address to your other domain, for example http://www.contoso.org and you should see that the traffic has been redirected back to the listener for www.contoso.com.
+
+## Next steps
+
+In this article, you learned how to:
+
+> [!div class="checklist"]
+> * Set up the network
+> * Create an application gateway
+> * Add listeners and redirection rule
+> * Create a virtual machine scale set with the backend pools
+> * Create a CNAME record in your domain
+
+> [!div class="nextstepaction"]
+> [Learn more about what you can do with application gateway](./application-gateway-introduction.md)