This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(112.00000000000001, 36%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EP%3C/text%3E%3C/svg%3E)
I am trying to integrate APIM(External) to the VNet where AKS is running. right now, I have created /29 CIDR subnet where AKS subnet is there and assigned to the APIM but APIM keep complaining that port 3443 is blocked. I have specifically added the rule to allow 3443 as mentioned in the troubleshooting steps https://learn.microsoft.com/en-us/azure/api-management/api-management-using-with-vnet#-common-network-configuration-issues to NSG assigned to the subnet, but still it throws the error? can someone help me how to troubleshoot further?
NSG Rule for subnet -> Inbound
priority- 102, Name - Port_3443, port - 3443, protocol - TCP, Source -
ApiManagement, Destination - VirtualNetwork, Action - Allow
Update: I have removed NSG from the subnet where APIM is, still its showing the same issue.
Do we have to add the port in all the subnet inside the Vnet ?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(294.40000000000003, 87%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMU%3C/text%3E%3C/svg%3E)
@PRS Your NSG looks good, are other ports working fine?
@PRS Have you tried doing the same deployment against a regular VNET? I believe the External mode attempts to auto-configure some settings under the covers and I suspect they may not be working with AKS.