I like Azure, and since I worked with it in anger last a few years ago Microsoft have revised their portal (twice) and added lots and lots of new features. One that I really like is the “resource group” which is a way to logically group together Azure resources.
Inside a resource group it’s possible to create a Network Security Group. This is a neat container for combining together firewall rules and routing between network interfaces.
And this is where it all goes a bit wrong.
Specifically, I’m a developer by background, and I know enough about networking to figure out CIDR notation (mostly) but not routing or BGP or all of that stuff. (And to be fair I never did really get the hang of regular expressions, either.)
So when I’m given a dialog like so:
I’ll happily fill in the “source port” to be port 80 as well as the destination port. Whoops!
So it turns out that the source port outbound from a Web browser might be anything. It’s only the destination that we’re interested in. So we need to complete this like so for things to work:
Once I’d done that all was well. At least, if you’re reading this, all is well…
1 thought on “Network security group configuration for virtual machines”
Comments are closed.