diff --git a/helper/src/components/networkTab.js b/helper/src/components/networkTab.js
index aafb06b3c..7d89e50b9 100644
--- a/helper/src/components/networkTab.js
+++ b/helper/src/components/networkTab.js
@@ -214,7 +214,7 @@ export default function NetworkTab ({ defaults, tabValues, updateFn, invalidArra
                     onChange={(ev, v) => updateFn("afw", v)}
                     label="Implement Azure Firewall & UDR next hop" />
 
-                {net.azureFirewallsSku=='Basic' &&
+                {net.azureFirewallsSku==='Basic' &&
                     <MessageBar styles={{ root: { marginLeft: '50px', width:'500px', marginTop: '10px !important'}}} messageBarType={MessageBarType.warning}>Basic SKU is currently a preview service <Link href="https://learn.microsoft.com/en-gb/azure/firewall/deploy-firewall-basic-portal-policy#prerequisites">(*preview)</Link></MessageBar>
                 }
                 <Dropdown
@@ -345,7 +345,7 @@ export default function NetworkTab ({ defaults, tabValues, updateFn, invalidArra
             </Stack.Item>
 
             {net.vnet_opt === 'custom' ?
-                <CustomVNET addons={addons} net={net} updateFn={updateFn} />
+                <CustomVNET addons={addons} net={net} updateFn={updateFn} invalidArray={invalidArray} />
                 : net.vnet_opt === 'byo' &&
                 <BYOVNET addons={addons} net={net} updateFn={updateFn} invalidArray={invalidArray} />
             }
@@ -353,19 +353,33 @@ export default function NetworkTab ({ defaults, tabValues, updateFn, invalidArra
     )
 }
 
-function PodServiceNetwork({ net, updateFn }) {
+function PodServiceNetwork({ net, updateFn, invalidArray }) {
     return (
         <Stack {...columnProps}>
             <Label>Kubernetes Networking Configuration</Label>
             <Stack.Item styles={{root: {width: '380px'}}} align="start">
-                <TextField  prefix="Cidr" label="POD Network" disabled={net.networkPlugin !== 'kubenet' && !net.cniDynamicIpAllocation && !net.networkPluginMode} onChange={(ev, val) => updateFn("podCidr", val)} value={net.networkPlugin === 'kubenet' || net.cniDynamicIpAllocation || net.networkPluginMode ? net.podCidr : "Using CNI, POD IPs from subnet"} />
+                <TextField
+                prefix="Cidr" label="POD Network"
+                disabled={net.networkPlugin !== 'kubenet' && !net.cniDynamicIpAllocation && !net.networkPluginMode}
+                onChange={(ev, val) => updateFn("podCidr", val)}
+                value={net.networkPlugin === 'kubenet' || net.cniDynamicIpAllocation || net.networkPluginMode ? net.podCidr : "Using CNI, POD IPs from subnet"}
+                maxLength={18}
+                errorMessage={net.networkPlugin === 'kubenet' || net.cniDynamicIpAllocation || net.networkPluginMode ? getError(invalidArray, 'podCidr') : ''} />
             </Stack.Item>
             <Stack.Item styles={{root: {width: '380px'}}} align="start">
-                <TextField prefix="Cidr" label="Service Network" onChange={(ev, val) => updateFn("serviceCidr", val)} value={net.serviceCidr} />
+                <TextField
+                prefix="Cidr" label="Service Network"
+                onChange={(ev, val) => updateFn("serviceCidr", val)}
+                value={net.serviceCidr}
+                errorMessage={getError(invalidArray, 'serviceCidr')} />
                 <MessageBar messageBarType={MessageBarType.warning}>Address space that isn't in use elsewhere in your network environment <a target="_target" href="https://docs.microsoft.com/en-us/azure/aks/configure-kubenet#create-an-aks-cluster-in-the-virtual-network">docs</a></MessageBar>
             </Stack.Item>
             <Stack.Item styles={{root: {width: '380px'}}} align="start">
-                <TextField prefix="IP" label="DNS Service IP" onChange={(ev, val) => updateFn("dnsServiceIP", val)} value={net.dnsServiceIP} />
+                <TextField
+                prefix="IP" label="DNS Service IP"
+                onChange={(ev, val) => updateFn("dnsServiceIP", val)}
+                value={net.dnsServiceIP}
+                errorMessage={getError(invalidArray, 'dnsServiceIP')} />
                 <MessageBar messageBarType={MessageBarType.warning}>Ensure its an address within the Service CIDR above <a target="_target" href="https://docs.microsoft.com/en-us/azure/aks/configure-kubenet#create-an-aks-cluster-in-the-virtual-network">docs</a></MessageBar>
             </Stack.Item>
 
@@ -389,14 +403,14 @@ function BYOVNET({ net, addons, updateFn, invalidArray }) {
             <MessageBar messageBarType={MessageBarType.warning}>Ensure your Application Gateway subnet meets these requirements <Link href="https://docs.microsoft.com/en-us/azure/application-gateway/configuration-infrastructure#size-of-the-subnet">here</Link></MessageBar>
 
             <Separator/>
-            <PodServiceNetwork net={net} updateFn={updateFn} />
+            <PodServiceNetwork net={net} updateFn={updateFn} invalidArray={invalidArray} />
 
         </Stack>
     )
 }
 
 
-function CustomVNET({ net, addons, updateFn }) {
+function CustomVNET({ net, addons, updateFn, invalidArray }) {
     return (
         <Stack styles={adv_stackstyle}>
             <Label>Custom Network VNET & Kubernetes Network Configuration</Label>
@@ -404,10 +418,20 @@ function CustomVNET({ net, addons, updateFn }) {
                 <Stack {...columnProps}>
 
                     <Stack.Item align="start">
-                        <TextField prefix="Cidr" label="VNET Address space" onChange={(ev, val) => updateFn("vnetAddressPrefix", val)} value={net.vnetAddressPrefix} />
+                        <TextField
+                        prefix="Cidr"
+                        label="VNET Address space"
+                        onChange={(ev, val) => updateFn("vnetAddressPrefix", val)}
+                        value={net.vnetAddressPrefix}
+                        errorMessage={getError(invalidArray, 'vnetAddressPrefix')} />
                     </Stack.Item>
                     <Stack.Item style={{ marginLeft: "20px"}}>
-                        <TextField prefix="Cidr" label="AKS Nodes subnet" onChange={(ev, val) => updateFn("vnetAksSubnetAddressPrefix", val)} value={net.vnetAksSubnetAddressPrefix} />
+                        <TextField
+                        prefix="Cidr"
+                        label="AKS Nodes subnet"
+                        onChange={(ev, val) => updateFn("vnetAksSubnetAddressPrefix", val)}
+                        value={net.vnetAksSubnetAddressPrefix}
+                        errorMessage={getError(invalidArray, 'vnetAksSubnetAddressPrefix')} />
                     </Stack.Item>
                     {/*
                 <Stack.Item align="center">
@@ -419,7 +443,7 @@ function CustomVNET({ net, addons, updateFn }) {
                     </Stack.Item>
 
                     <Stack.Item style={{ marginLeft: "20px"}}>
-                        <TextField prefix="Cidr" disabled={!net.afw || net.azureFirewallsSku!=='Basic'} label="Azure Firewall management subnet" onChange={(ev, val) => updateFn("vnetFirewallManagementSubnetAddressPrefix", val)} value={net.afw ? (net.azureFirewallsSku=='Basic' ? net.vnetFirewallManagementSubnetAddressPrefix : 'Management subnet for Basic SKU') : "No Firewall requested"} />
+                        <TextField prefix="Cidr" disabled={!net.afw || net.azureFirewallsSku!=='Basic'} label="Azure Firewall management subnet" onChange={(ev, val) => updateFn("vnetFirewallManagementSubnetAddressPrefix", val)} value={net.afw ? (net.azureFirewallsSku==='Basic' ? net.vnetFirewallManagementSubnetAddressPrefix : 'Management subnet for Basic SKU') : "No Firewall requested"} />
                     </Stack.Item>
 
                     <Stack.Item style={{ marginLeft: "20px"}}>
@@ -436,12 +460,17 @@ function CustomVNET({ net, addons, updateFn }) {
                     </Stack.Item>
 
                     <Stack.Item style={{ marginLeft: "20px"}}>
-                        <TextField prefix="Cidr" disabled={!net.vnetprivateend} label="Private Endpoint subnet" onChange={(ev, val) => updateFn("privateLinkSubnetAddressPrefix", val)} value={net.vnetprivateend ? net.privateLinkSubnetAddressPrefix : "No Private Endpoints requested"} />
+                        <TextField
+                        prefix="Cidr" disabled={!net.vnetprivateend}
+                        label="Private Endpoint subnet"
+                        onChange={(ev, val) => updateFn("privateLinkSubnetAddressPrefix", val)}
+                        value={net.vnetprivateend ? net.privateLinkSubnetAddressPrefix : "No Private Endpoints requested"}
+                        errorMessage={net.vnetprivateend && getError(invalidArray, 'privateLinkSubnetAddressPrefix')} />
                     </Stack.Item>
 
                 </Stack>
 
-                <PodServiceNetwork net={net} updateFn={updateFn} />
+                <PodServiceNetwork net={net} updateFn={updateFn} invalidArray={invalidArray} />
             </Stack>
 
             <Separator styles={{ root: { marginTop: '20px !important' } }}/>
diff --git a/helper/src/components/portalnav.js b/helper/src/components/portalnav.js
index 7af598ea5..67344c18f 100644
--- a/helper/src/components/portalnav.js
+++ b/helper/src/components/portalnav.js
@@ -327,6 +327,31 @@ export default function PortalNav({ config }) {
     }
   }
 
+  function isCidrValid(cidr) {
+    var regex=cidr.match(/^([0-9]{1,3}\.){3}[0-9]{1,3}($|\/(1[6-9]|2[0-6]))$/)
+    if(regex === null || regex.length !== 4 || regex[3] === undefined) {
+        //cidr range not valid
+        return false
+    }
+    else { return true }
+  }
+  const invalidCidrMessage = "Enter a valid CIDR address (/16 - /26)"
+
+  //declare string constant variable
+
+
+  function isIPValid(ip) {
+      if(ip === undefined || ip === null || ip === '') {
+          return true
+      }
+      else if (ip.match(/^([0-9]{1,3}\.){3}[0-9]{1,3}$/) === null) {
+          return false
+      }
+      else {
+          return true
+      }
+  }
+
   const { deploy, cluster, net, addons } = tabValues
 
   console.log(`PortalNav: Evaluating configruation warnings...`)
@@ -354,6 +379,12 @@ export default function PortalNav({ config }) {
       :
       'This template can only deploy Azure Firewall in single VNET with Custom Networking')
   invalidFn('net', 'aksOutboundTrafficType', (net.aksOutboundTrafficType === 'managedNATGateway' && net.vnet_opt !== "default") || (net.aksOutboundTrafficType === 'userAssignedNATGateway' && net.vnet_opt === "default"), 'When using Managed Nat Gateway, only default networking is supported. For other networking options, use Assigned NAT Gateway')
+  invalidFn('net', 'serviceCidr',  net.vnet_opt === "custom" && !isCidrValid(net.serviceCidr), invalidCidrMessage)
+  invalidFn('net', 'podCidr', !isCidrValid(net.podCidr), invalidCidrMessage)
+  invalidFn('net', 'dnsServiceIP', !isIPValid(net.dnsServiceIP), 'Enter a valid IP')
+  invalidFn('net', 'podCidr', !isCidrValid(net.podCidr), invalidCidrMessage)
+  invalidFn('net', 'vnetAddressPrefix', !isCidrValid(net.vnetAddressPrefix), invalidCidrMessage)
+  invalidFn('net', 'vnetAksSubnetAddressPrefix', !isCidrValid(net.vnetAksSubnetAddressPrefix), invalidCidrMessage)
   invalidFn('deploy', 'apiips', cluster.apisecurity === 'whitelist' && deploy.apiips.length < 7, 'Enter an IP/CIDR, or select \'Public IP with no IP restrictions\' in the \'Cluster API Server Security\' section of the \'Cluster Details\' tab')
   invalidFn('deploy', 'clusterName', !deploy.clusterName || deploy.clusterName.match(/^[a-z0-9][_\-a-z0-9]+[a-z0-9]$/i) === null || deploy.clusterName.length > 19, 'Enter valid cluster name')