Resolving issue #2566

docs/azure_jumpstart_hcibox/AKS/_index.md

@@ -6,22 +6,22 @@
 
 ## Azure Kubernetes Service on Azure Stack HCI
 
 Azure Stack HCI can provide host infrastructure for [Azure Kubernetes Service clusters](https://learn.microsoft.com/azure-stack/aks-hci/). HCIBox comes pre-configured with Azure Kubernetes Service on HCI (AKS-HCI). To see this in action, navigate to the resource group where you deployed HCIBox and follow these steps.
 
 ## Explore AKS on Azure Stack HCI
 
 HCIBox is preconfigured with a network subnet dedicated to AKS deployment. Subnet details are as follows:
 
   | Network details |                  |
   | ---------- | --------------------- |
   | Subnet     | 10.10.0.0/24          |
   | Gateway    | 10.10.0.1             |
   | VLAN Id    | 110                   |
   | DNS Server | 192.168.1.254         |
 
 Before creating an AKS workload cluster, you must create a local virtual network object. HCIBox includes a script that will complete this task using the pre-configured network. The script will then create a new AKS workload cluster.
 
 - Open your HCIBox resource group and click on the _jumpstart_ custom location resource, then click "Arc-enabled services." Here you should see the hybridaksextension service available on the cluster. This is installed by default on Azure Stack HCI clusters, and is required for creating AKS workload clusters on HCI.
 
   ![Screenshot showing aks extension](./custom_location_resources.png)
 
@@ -37,7 +37,7 @@
 
   ![Screenshot showing edit with VSCode](./open_with_code.png)
 
 - Uncomment line 6 in the script and edit the placeholder value for the _$aadgroupID_ parameter with the object ID of your Microsoft Entra group. Save the script and close VSCode when finished.
 
   ![Screenshot showing editing script](./edit_script.png)
 
@@ -49,7 +49,7 @@
 
   ![Screenshot showing script running](./run_configure_aks.png)
 
 - Once complete, you should have an AKS workload cluster called _hcibox-aks_ in your HCIBox resource group.
 
   ![Screenshot showing AKS in resource group](./aks_in_resource_group.png)
 
@@ -62,6 +62,8 @@
 > ```
 > az extension update --name connectedk8s
 > ```
+
+
 - From Azure portal, open Cloud Shell and run the following command, using the name of your HCIBox resource group.
 
   ```

docs/azure_jumpstart_hcibox/cloud_deployment/_index.md

@@ -15,6 +15,13 @@ Once your bicep deployment is complete with Azure CLI or Azure Developer CLI, yo
 
 ### Connecting to the HCIBox Client virtual machine
 
+> **Note:** As the subnet the HCI VMs resides on is on the second nested layer, it is necessary to connect to the AzSMGMT machine to be able to connect to those VMs:
+> The HCI VM subnet is also not routable into the Azure Virtual Network, hence it won't be possible to connect to virtual machines on the HCI cluster using Azure Bastion.
+>
+> If you are having difficulties connecting into a stack HCI vm:
+> You can run `mstsc /v:192.168.1.11` from HCIBox-Client to connect to the AzSMGMT nested VM.
+> From there, run `mstsc /v:192.168.200.x` to connect to the HCI VMs (replace x with the IP of your deployed VM).
+
 Various options are available to connect to _HCIBox-Client_ VM, depending on the parameters you supplied during deployment.
 
 - [RDP](#connecting-directly-with-rdp) - available after configuring access to port 3389 on the _Arc-App-Client-NSG_, or by enabling [Just-in-Time access (JIT)](#connect-using-just-in-time-access-jit).

docs/azure_jumpstart_hcibox/deployment_az/_index.md

@@ -106,6 +106,9 @@ Azure CLI can be used to deploy HCIBox into your Azure subscription. Azure CLI i
 
   ![Screenshot showing retrieving StackHCI resource provider id](./hci_rp_id.png)
 
+
+> **Note:** Please avoid using the $ symbol in the `windowsAdminPassword`. Using this symbol can cause the LogonScript to fail.
+
 - Edit the [main.parameters.json](https://github.com/microsoft/azure_arc/blob/main/azure_jumpstart_hcibox/bicep/main.parameters.json) template parameters file and supply some values for your environment.
   - _`spnClientId`_ - Your Azure service principal id
   - _`spnClientSecret`_ - Your Azure service principal secret