This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(54.400000000000006, 49%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETJ%3C/text%3E%3C/svg%3E)
Currently our infrastructure is that the application gateway is publicly facing, and is also on a VNET within a subnet and this subnet has an NSG around it.
The application gateway NSG allows it to talk to another Subnet within the same VNET that has the Internal Load Balancer.
What I would like is to add an NSG to the Load Balancer Subnet and within that NSG, add in the Inbound rules to only allow traffic coming in from the Application Gateway.
Is there anyway this can be done?
An Azure networking service that is used to provision private networks and optionally to connect to on-premises datacenters.
An Azure service that provides a platform-managed, scalable, and highly available application delivery controller as a service.
Hello,
Resources deployed in different subnets but under same VNET can communicate by default. You can setup NSG rules on top of specific subnet allowing inbound to only APPGW IP and deny other.
Please do not forget to "Accept the answer" wherever the information provided helps you to help others in the community.
If you think your question has been answered, click "Mark as Answer" if just helped click "Vote as helpful". This can be beneficial to other community members reading this forum thread.
Best regards
Subhash