Not able to restrict access to vm only by certain ips by creating inbound rules

Question

We had migrated our vm from subscription to other but now when we set inbound rule to restrict access only by certain IP's, we are not able to access the vm. As a test, we allow all IPs and that's working fine.

Answer 1

Hello Athira Chandran

Can you please share the few follow-up questions that could help clarify the situation:

1. What specific inbound rules have you configured (IP addresses/ranges)?
2. Can you confirm if your current IP address is listed in the allowed rules?
3. Have you checked the priority order of your rules in the Network Security Group?
4. Are there any logs that indicate which rule is responding with the block?
5. Can you please share the Screenshots of NSG rules created by you in the Private Messages.

Meantime,

1. Ensure that the IP addresses you've allowed in your inbound rules are accurate and not blocking your own current IP. You can use whatismyip.com to confirm your current IP address and verify if it's included in the allowed list.
2. Remember that Azure processes rules in order of priority. If you have a broader deny rule that is higher in priority than your specific allow rules, it might be blocking access. Make sure your allow rules are at a higher priority.
3. a) Go to your VM in the Azure Portal and navigate to the "Support + Troubleshooting" section. b) Use the Connection Troubleshoot feature to test inbound connectivity from one of the allowed IPs to see if there are any issues detected.
4. If your VM has an internal firewall (like Windows Firewall), make sure it's also configured to allow the IPs you're trying to permit.

References:

• Diagnose Azure VM connectivity problems
• Network security groups - Inbound
• Diagnostic Logging
• Azure VM Guest OS firewall is blocking inbound traffic

---I hope this was helpful!

If the above is unclear or you are unsure about something, please add a comment below.