Troubleshoot Azure Inbound Security Rule Not Working

Question

I created a new Windows Server 2012 R2 virtual machine in Microsoft Azure. Among other things installed on that virtual machine is a web site hosted in IIS, but I can't seem to get IIS on that server to respond externally.

I am using the Resource Manager, so on my Public IP Address, I configured the DNS name (from Configuration), so the full DNS name is myapp.eastus2.cloudapp.azure.com where myapp is my actual app.

Then, on my Network Security Group, I added an Inbound security rule with the following settings:

Name: HTTP
Priority: 1020 (there are no conflicting rules higher in priority)
Source: Any
Protocol: Any
Source port range: * (it was 80, but changed it after reading this post: Connection timeout port 80 on new Azure VM with NSG rules configured, but I would still think 80 should work)
Destination: Any
Destination port range: 80
Action: Allow

It doesn't matter if I try to access it by DNS name or the IP directly, I just get a timeout error. I can navigate to the web site on the local machine using either the machine name (e.g. http://myapp) or localhost. I also cannot navigate to the web site from the local machine using the full name (e.g. http://myapp.eastus2.cloudapp.azure.com).

Moreover, I'm really at a loss as to where to even troubleshoot this. Clicking on the Audit Logs only seems to show actual edits to the item (makes sense) and I did turn on Diagnostics for the NSG (like in this article: https://github.com/Azure/azure-content/blob/master/articles/virtual-network/virtual-network-nsg-manage-log.md), but it doesn't seem to be logging anything when I hit the endpoint (there are no new blobs in my storage account).

Anyone have any ideas?

Troubleshoot Azure Inbound Security Rule Not Working

Answers (1)

Related Questions