• Administrator overview
• Managing users and permissions
  • User roles and access permissions
  • Creating users
  • Editing users
  • Unlocking a user account
  • Resending a user activation link
  • Deleting or deactivating users
  • Using groups
  • Managing departments
  • Managing passwords and password policies
  • Setting account-wide access policies
  • Changing a resource owner
  • Using Single Sign-On (SSO)
    • Using Single Sign-on (SSO) with Azure Active Directory (AAD)
    • Configuring an ADFS claim rule for SSO
• Managing account-wide settings
  • Adding container registries
• Managing public IP addresses
• Managing WANs
  • Overview: VPNs
    • Creating a VPN
      • VPN configuration parameters
        • AWS VPC: VPN configuration example
        • Azure VPN: VPN configuration example
        • Cisco ASA: VPN configuration example
        • Cisco IOS: VPN configuration example
        • Juniper SRX: VPN configuration example
        • pfSense: VPN configuration example
        • strongSwan: VPN configuration example
  • Overview: Skytap on Azure ExpressRoute connections
    • Creating a Skytap on Azure ExpressRoute connection
    • Creating a customer-managed Skytap on Azure ExpressRoute connection
  • Testing the WAN
    • Troubleshooting VPN test failures
  • Connecting an environment network to a WAN
  • Configuring WAN access controls
  • Editing an existing WAN connection
  • Disable a WAN
• Managing Metered RAM and storage usage
  • How usage is calculated
  • Viewing current usage and enabling pay-as-you-go capacity
  • Reserved capacity for Skytap on Azure
  • Reserved capacity for Skytap on IBM Cloud
  • Setting usage limits
  • Setting up notifications
  • VM pinning
• Reporting overview
  • Viewing and exporting user information
  • Viewing and exporting group information
  • Generating department reports
  • Generating audit reports
    • Configuring the webhook service for audit data
  • Viewing usage data
    • Using labels for in-depth reporting
    • Creating usage label categories
    • Configuring the webhook service for usage data
  • Enabling other users to generate reports
• Security best practices
• Other best practices
• Sharing templates with users in other Skytap accounts
• Finding the source environment from a sharing portal URL
• Including your logo in the Skytap interface

Creating and editing a Skytap on Azure ExpressRoute connection

A Skytap on Azure ExpressRoute connection is a dedicated, secure network tunnel between a Skytap environment and an Azure virtual network.

For example, you can use a Skytap on Azure ExpressRoute connection to connect a Skytap environment to your corporate intranet to give your virtual data center access to corporate resources (such as databases, source repositories, and builds).

Your customer account can have up to ten WANs connected at the same time. If you need additional WANs, contact your Skytap sales representative. A WAN is a VPN or Skytap on Azure ExpressRoute connection

Before you begin

Before you begin, you’ll need:

• A valid and active Microsoft Azure subscription.
• An Azure region enabled for your Skytap account.
• An administrator account in Skytap.

• A Skytap environment.

  Use Skytap Subnet from the environment to define the Skytap subnet for the Skytap on Azure ExpressRoute connection.

  

• An Azure virtual network.

  The Azure virtual network will define the remote subnet. Included remote subnets can’t overlap with restricted subnets or the Skytap subnet defined in the VPN settings. For more information, see Remote Subnets settings.

• An unattached Skytap static public IP address.

  A static public IP address is used as the Skytap peer IP address for the Skytap on Azure ExpressRoute connection.

  For instructions, see Adding a static public IP address to your account.

  The static public IP address is dedicated to the Skytap on Azure ExpressRoute connection; it isn’t accessible via the public internet.

  If you don’t have an available public IP address, contact your Skytap account representative.

Creating and configuring a Skytap on Azure ExpressRoute connection

To create a Skytap on Azure ExpressRoute connection

1. From the navigation bar, click Manage > WANs.

   

   The WANs page displays.

   

2. Click New ExpressRoute. The New WAN page loads.

   

3. Type a Name for the new Skytap on Azure ExpressRoute connection.
4. Select the Azure Region where the ExpressRoute will be created.
5. Choose the Connection type, either Skytap-managed circuit or Customer-managed circuit.
6. If this is a Customer-managed circuit, type or paste the ExpressRoute circuit Service key.
7. Choose a Skytap static public IP address as the Skytap peer IP.
8. To assign NAT IP addresses to any VMs connected to the ExpressRoute, select Apply NAT for connecting networks. This setting allows you to connect Skytap environments with overlapping IP addresses to the Skytap on Azure ExpressRoute connection. For more information, see Apply NAT for connecting networks.
9. Type the Skytap subnet – the subnet of the environment that will be connected.

10. Click Save. The Details tab displays a summary of the Skytap on Azure ExpressRoute connection settings, along with the message, We’re waiting for the authorization key so we can finish building your connection.

    Provisioning usually takes only a few minutes but can sometimes take up to an hour.

    

11. After the connection is provisioned by Microsoft, a Resource ID and Authorization Key are displayed.

    

12. Sign into your Azure subscription and follow these steps to connect your ExpressRoute to your virtual network gateway.

    The Resource ID and Authorization Key are displayed on the Details tab of the Skytap WANs page.

    • For the Authorization key of the Connection object, use the Authorization Key.
    • For the Peer circuit URI of the Connection object, use the Resource ID.

13. Type the Azure virtual network subnet into Remote Subnet. Optionally, you can add remote subnets to exclude. Included remote subnets can’t overlap with restricted subnets or the Skytap subnet defined in the Skytap on Azure ExpressRoute connection settings. For more information, see Remote Subnets settings.

    

    1. Enter a subnet range in Remote Subnets.

       The supported remote subnets are within the 3 to 32 bits range.

       1. Select include or exclude.
       2. Click Add.
14. Test the WAN.

15. Connect your Skytap networks to the Skytap on Azure ExpressRoute connection. The Skytap side of the Skytap on Azure ExpressRoute connection remains inactive until you attach at least one network with a running VM on it.

16. Click Enable to begin sending traffic through the Skytap on Azure ExpressRoute connection.

    

17. (Optional) Configure access controls for the Skytap on Azure ExpressRoute connection. For more information, see Configuring access to a WAN.

Editing the name of a Skytap on Azure ExpressRoute connection

To change the name assigned to a Skytap on Azure ExpressRoute connection

1. From the navigation bar, click Manage > WANs.

   

   The WANs page displays.

   

2. Click (Edit) next to the name of the Skytap on Azure ExpressRoute connection connection.
3. Enter a new name in the Rename WAN window.
4. Click Save.

Editing the WAN access control list

See Configuring access to a WAN.

Deleting a Skytap on Azure ExpressRoute connection

Before you can delete a Skytap on Azure ExpressRoute connection that uses Global Reach, you must first remove or disable any Global Reach circuits used by the Skytap on Azure ExpressRoute connection, otherwise deletion of the Skytap on Azure ExpressRoute connection is likely to fail.