NSG inbound rule deny but I can connect to VM

Prasad Jayarathne 21 Reputation points


I create simple VM and simple nsg rules. I just want to know how it is still able to connect to vm via Private IP.

prasad@Prasad Ethireddy :~$ ssh azureuser@
azureuser@'s password:
Welcome to Ubuntu 20.04.5 LTS (GNU/Linux 5.15.0-1022-azure x86_64)

0 updates can be applied immediately.

New release '22.04.1 LTS' available.
Run 'do-release-upgrade' to upgrade to it.

Last login: Thu Oct 20 02:28:15 2022 from
To run a command as administrator (user "root"), use "sudo <command>".
See "man sudo_root" for details.


Not Monitored
Not Monitored
Tag not monitored by Microsoft.
32,929 questions
0 comments No comments
{count} votes

Accepted answer
  1. Carlos Solís Salazar 15,171 Reputation points

    Hi @Prasad Jayarathne

    Thank you for asking this question on the **Microsoft Q&A Platform. **

    When you connect from a Private IP to a Public IP, the NSG only "sees" your Public IP.

    If you need to block access to the host, you must change the private IP for your public IP in the NSG

    You can create rules for private IPs when you are via VPN or in other VLANs

    Hope this helps!


    Accept Answer and Upvote, if any of the above helped, this thread can help others in the community looking for remediation for similar issues.
    NOTE: To answer you as quickly as possible, please mention me in your reply.

0 additional answers

Sort by: Most helpful