![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 54%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENJ%3C/text%3E%3C/svg%3E)
Azure Virtual Network
An Azure networking service that is used to provision private networks and optionally to connect to on-premises datacenters.
2,202 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(25.6, 0%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESW%3C/text%3E%3C/svg%3E)
Hi @Norton, Joshua , I understand that you want to allow vNet connection to TCP port 1521 using NSG.
You need to add an inbound entry to the NSG applied to your subnet (if there is no NSG applied, create a new one and associate it to your subnet):
- Priority = 100 (or any number between 100 and 4096. Rules are processed in priority order, with lower numbers processed before higher numbers)
- Source = VirtualNetwork (or your FrontEnd subnet's CIDR)
- Source ports = * (0-65535)
- Destination = VirtualNetwork (or your DB subnet's CIDR)
- Destination ports = 1521
- Protocol = TCP
- Access = Allow
There is a default Deny Outbound rule to deny everything else:
| Priority | Source | Source ports | Destination | Destination ports | Protocol | Access |
|---|---|---|---|---|---|---|
| 65500 | 0.0.0.0/0 | 0-65535 | 0.0.0.0/0 | 0-65535 | Any | Deny |
Please accept an answer if correct. Original posters help the community find answers faster by identifying the correct answer. Here is how.