How to test the NSG diagnostics for Bulk source and destination in azure

53654583 111 Reputation points
2024-02-21T09:05:11.8033333+00:00

hi i have 3 source ips and 38 destination ips we need to test the flows from all the 3 source ips to all 38 destination ips on port 3389 , please help me how can i run it in a one go.

Azure Network Watcher
Azure Network Watcher
An Azure service that is used to monitor, diagnose, and gain insights into network performance and health.
173 questions
{count} votes

1 answer

Sort by: Most helpful
  1. GitaraniSharma-MSFT 49,586 Reputation points Microsoft Employee
    2024-03-04T13:06:35.1366667+00:00

    Hello @53654583 ,

    I understand that you would like to know how to test NSG diagnostics for multiple sources and destinations at once.

    You need help in checking NSG for multiple destination IPs at once. You have 3 source IPs and 38 destination IPs and would like to test the flows from all the 3 source IPs to all 38 destination IPs on port 3389 at once.

    I discussed this with the Azure Network Watcher Product Group team and below is their response:

    One NCD (Network Configuration Diagnostic) test will run in context of a single source.  However, you can specify multiple destinations to evaluate NCD w.r.t same source.

    Using PowerShell, create one profile for each destination and then run the NCD test.

    Refer: https://learn.microsoft.com/en-us/powershell/module/az.network/invoke-aznetworkwatchernetworkconfigurationdiagnostic?view=azps-11.3.0#example-1-invoke-network-configuration-diagnostic-session-for-vm-and-specified-network-profile

    https://learn.microsoft.com/en-us/azure/network-watcher/diagnose-network-security-rules?tabs=powershell#add-a-security-rule-to-allow-traffic-from-the-bastion-subnet

    Could you please try the above and let me know if you see any issues while using this with multiple profiles?

    Kindly let us know if the above helps or you need further assistance on this issue.


    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.