Reputation: 27
Issue with Azure Standard Load Balancer not routing traffic to VM despite pre-defined inbound rule
I'm encountering an issue with Azure Load Balancer where I'm unable to access my Private VM despite having a pre-defined inbound rule that should allow traffic from the load balancer.
Here's the setup:
Operating system: Windows (Windows Server 2022 Datacenter Azure Edition) Size: Standard B4ms (4 vcpus, 16 GiB memory) Region: East US
I have deployed a Private VM with IIS installed. I created a public Standard Load Balancer and attached the VM as a backend target. Azure automatically created an inbound rule named "AllowAzureLoadBalancerInBound" with the properties: Priority: 65001, Port: Any, Protocol: Any, Source: AzureLoadBalancer, Destination: Any, Action: Allow to the inbound rules of VM.
Here are some additional details:
Here is my load balancing rule
I don't have any Inbound NAT rules and Outbound rules defined.
Health probe and backend pool configurations are correct, with a 100% health probe result.
There are no firewall issues, as explicitly adding an inbound rule for HTTP traffic allows access to the IIS page.
I'm confused about why I need to create an additional inbound rule when there's already a pre-defined rule by Azure to allow traffic from the load balancer to the backend VMs.
Any insights or suggestions on what might be causing this issue would be greatly appreciated. Thank you!
Upvotes: 0
Views: 862
Answers (1)
Reputation: 7614
Issue with Azure Standard Load Balancer not routing traffic to VM despite pre-defined inbound rule.
The issue you encountered may be due to the absence of a rule in the Network Security Group allowing traffic on port 80 from your IIS server, which is installed on the Windows Server.
IIS Server configuration
Load balancing rule:
Load Balancer IP:
NSG Rule:
The one you are referring to is not your load balancer; it is provided by default in Azure for managing Azure infrastructure. You can check the Microsoft documentation for available service tags, including AzureLoadBalancer: Available service tags: AzureLoadBalancer.
You may refer to the Create a public load balancer to load balance VMs using the Azure portal MS Doc, as it requires opening ports that are used in load balancing rule backend ports.
For example, if you are using port 80 for the backend in the load balancer rule, you should allow it in the network security group.
The application is accessible via the Load Balancer public IP address using port 50000.
Upvotes: 0
Related Questions
- How to add a backend with virtual machine IP for Azure Load Balancer in Terraform
- Azure - no access to VMs behind a internet facing standard Load Balancer
- Why is azure load balancer still sending traffic to nodes after health probe down?
- Forward requests to a recovered/restarted VM with a Azure Load Balancer
- Azure Standard Internal Load Balancer backend machines partial internet access
- Using Azure load balancer to reboot/update server with zero downtime
- Azure LB not routing traffic to VMs
- Azure load balancer rule not working