Share via

Not able to connect Microsoft website from windows virtual machine

Mani 25 Reputation points
2024-07-10T10:33:46.7766667+00:00

Hi,

I have created window virtual machine in private network and trying to access the microsoft website [http://learn.microsoft.com/en-us/] but it is generating the below error. Error suggesting to add some thing to inbound/outbound rule of Network security group. Could you please help me on this.
Action: Deny. Reason: No rule matched. Proceeding with default action.

Regards,

Mani

Azure Virtual Network
Azure Virtual Network
An Azure networking service that is used to provision private networks and optionally to connect to on-premises datacenters.
2,427 questions
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Daisy Zhou 23,181 Reputation points Microsoft Vendor
    2024-07-10T13:05:59.97+00:00

    Hello

    Thank you for posting in Q&A forum.

    It sounds like your Network Security Group (NSG) rules might be blocking access to external websites. Here are the steps to update your NSG to allow outbound traffic to access the Microsoft website:

    1.Identify the NSG associated with your Virtual Network or Virtual Machine:

    • Go to the Azure portal.
    • Navigate to the "Virtual Machines" section.
    • Select your Virtual Machine.
    • In the VM's menu, select "Networking".
    • Note the NSG associated with your VM's network interface or subnet.

    2.Update the NSG Rules:

    • Go to the "Network security groups" section in the Azure portal.
    • Select the NSG associated with your VM.
    • Click on "Outbound security rules".

    3.Add a new rule to allow HTTP and HTTPS traffic:

    • Click on "Add" to create a new outbound security rule.
    • Fill in the required fields: - Destination: "Service Tag" - Service Tag: "Internet" - Protocol: “TCP” - Destination Port Ranges: "80,443" (for HTTP and HTTPS) - Action: "Allow" - Priority: Choose a priority number that is lower than the default deny rule. - Name: Give it a meaningful name like "Allow-Internet-HTTP-HTTPS"

    4.Save the rule:

    • Click "Add" to create the rule and save it.

    5.Verify the rule is in place:

    • Check that your new rule appears in the list of outbound security rules and is set to allow traffic as expected. After updating the NSG rules, try accessing the Microsoft website again from your VM.

    If the issue persists, you might also want to check inbound security rules, firewall settings within the VM, or any additional network configurations that could be causing the block.

    I hope the information above is helpful.

    If you have any questions or concerns, please feel free to let us know.

    Best Regards,

    Daisy Zhou

    ============================================

    If the Answer is helpful, please click "Accept Answer" and upvote it.

  2. ChaitanyaNaykodi-MSFT 26,096 Reputation points Microsoft Employee
    2024-07-16T22:39:17.86+00:00

    @Mani

    Thank you for reaching out.

    Based on the error observed here

    Deny. Reason: No rule matched. Proceeding with default action

    This error is thrown by Azure Firewall when neither Application or network rules match the request been sent. The default action of Azure Firewall is deny.

    I understand you are trying to access the Microsoft website [http://learn.microsoft.com/en-us/]. In order to allow the traffic, you need to create an Application rule as described here to allow the FQDN above.

    If above does not help, it will help if you could share a network diagram of your set-up and it will help pin-point the issue.

    Hope this helps! Please let me know if you have any additional questions. Thank you!

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.