Configuring Azure NSG
I am configuring the NSG for inbound traffic for a Virtual Machine hosted in Azure.
The inbound rule looks as follows:
The advisor is alerting that connetions say any / any
I need to leave the incoming as any because the users of the site may come from anywhere, but the destination should only be the VM particular website.
How should I configure the destination IP ?
currently looks like this:
I am not sure what to enter in the source port/range? The internal IP of the server, the external IP of the IP of the firewall where the DNS points at?
The inbound rule looks as follows:
The advisor is alerting that connetions say any / any
I need to leave the incoming as any because the users of the site may come from anywhere, but the destination should only be the VM particular website.
How should I configure the destination IP ?
currently looks like this:
I am not sure what to enter in the source port/range? The internal IP of the server, the external IP of the IP of the firewall where the DNS points at?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Entering source the IP of the VM did not work. I set it to Any.
One more thing, we are just installing a firewall. Shouldn't we then add the IP of the firewall as the only point of entry as well? source IP of firewall and destination the IP of the VM ?
One more thing, we are just installing a firewall. Shouldn't we then add the IP of the firewall as the only point of entry as well? source IP of firewall and destination the IP of the VM ?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Seems I am out of sorts. I have pointed the DNS to the IP of the gateway so that traffic goes through there, but the configuration of the gateway/NSG is incorrect and now the website won't come up.
I just posted a project on the Gigs. If you know how to do this please contact me there since this is something that requires immediate attention.
I just posted a project on the Gigs. If you know how to do this please contact me there since this is something that requires immediate attention.
ASKER
Turns out that the issue was that TLS 1.0 and 1.1 were disabled on the VM and this was causing all sort of issues.
ASKER
The IP you mean is that of the virtual machine?