Azure Ubuntu VM, cannot access port 8080 even with ufw disabled and inbound rule added for this port

Question

I am unable to access an azure Ubuntu VM's web app on port 8080. The VM is linked to a Virtual Network, where the network security group has inbount rules configured for 8080, and the ubuntu firewall has been disabled(ufw).

Here are the details:

1. The VM :

2. The allowed rules for port 8080 in the network security group :

3. The firewall has been disabled on the vm :

4. Any request to http://publicipaddress:8080/service does not work :

Please advise what else is required to make it work.

The request however works if an inbound rule of allow-all (*) is added instead of a particular port (8080), which defeats the purpose of security.

Thanks, Cheers -Gary

Answer 1

It was my mistake of wrongly configuring the nsg ingress to match the port number (eg : 8080) instead of matching the source port to *.

The protocol - source and destination host:port combination where therefore wrongly setup.

It all works now after correcting it.

Answer 2

Thanks Nancy,

1. The output of the netstat command is :

It appears that the port 8080 is listening to all addresses (but maybe on IPv6?)

2. The VM and the NSG are part of the same group :

the resource group:

3. Did remove the outgoing rules, but it still does'nt work :(.

Not sure what else am i missing.

Answer 3

From your description, here are some possible reasons:

• Your application or service is not listening on the correct port 8080 for Foreign Address 0.0.0.0:*. You could try to run the command sudo netstat -alpn | grep LISTEN on the Azure VM to validate it. If not, you could find what's real IP of the application consumed.
• Your Azure VM is associated with some other NSGs. You could check if there is an extra subnet level or network interface level from virtual machine --- networking.
• Try to remove the custom Outbound security rules in your NSG.

Let me know if you need further help.