• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 92
  • Last Modified:

Azure network security group

Question about inbound rules on network security group.  I have 22 network ranges so does this mean I have to add 22 separate (same port) inbound rules for each CIDR block I want to allow in?
0
stlhost
Asked:
stlhost
1 Solution
 
btanExec ConsultantCommented:
You should have the NSG rule to cover the subnet ranges for the inbound traffic. In fact, it depends on how you create the label for each NSG, you will need to have rule applies across each NSG.

For example, first a Network Security Group must be built to hold the rules:

New-AzureNetworkSecurityGroup -Name $NSGName `
    -Location $DeploymentLocation `
    -Label "Security group for $VNetName subnets in $DeploymentLocation"

Once the NSG is done, you can have rule applies to NSG according to the subnets for inboung traffic. You repeat for other NSG if any.

For example, this rule will allow RDP traffic to flow from the internet to the RDP port on any server on either subnet in the VNET. This rule uses two special types of address prefixes; “VIRTUAL_NETWORK” and “INTERNET”. This is an easy way to address a larger category of address prefixes.

Get-AzureNetworkSecurityGroup -Name $NSGName | `
    Set-AzureNetworkSecurityRule -Name "Enable RDP to $VNetName VNet" `
    -Type Inbound -Priority 110 -Action Allow `
    -SourceAddressPrefix INTERNET -SourcePortRange '*' `
    -DestinationAddressPrefix VIRTUAL_NETWORK `
    -DestinationPortRange '3389' `
    -Protocol *

See this for a complete example.
https://azure.microsoft.com/en-us/documentation/articles/virtual-networks-dmz-nsg-asm/
0
 
stlhostAuthor Commented:
Thank you I was looking for this.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now