Dave-0026 asked kanimozhielumalai-9058 commented

Azure VM to VM communication

Hello All,
Looking for some information and how-to


I would like to have my VMs on two different V-Nets be able to communicate with each other....
I know I can do peering between the V-Nets and that allows communication fine, and I have set that up between a couple of my V-Nets.
But I want to take a more secure approach to things, because I will have to lock things down in preparation for PCI testing.
So I have a machine sitting in East US and its IP is 10.51.0.132
I set up another VM in East US 2 and its IP is 10.54.0.4
I went in and added Inbound/Outbound rules on both of the NSGs associated with the two machines....allowed all ports and all protocols....so just wide open.
But I am not able to ping from one to the other.

Where am I messing up??
Thank you

azure-virtual-machines

Dave-0026 kanimozhielumalai-9058 ·

I think what I will have to do is set up peering between the VNets
Then create a NSG on them and go in and deny everything, but the stuff I want to pass.
I have not been able to find any other way to do it.

priku answered priku commented

You have to allow the ping request from the operating system also.
https://www.thomasmaurer.ch/2019/09/how-to-enable-ping-icmp-echo-on-an-azure-vm/


I will give that a read.
But I still think I am missing something,
Because I cannot RDP from one to the other, I can't connect to the hard drive
i.e. \\10.51.0.132\c$


You have to enable those services on the VMs you are going to use. For RDP, go to Server Manager and enable Remote Desktop.


For hard drive share you have to enable rules on Windows Firewall for inbound and outbound of File and Printer Sharing.

EhfazR answered EhfazR edited

Looks like everything has been configured at the network layer in Azure. However, what about the Windows firewall on both the machines? You have to open the respective ports, else if you need to configure admin access to-and-fro, you can disable the Windows firewall on both the machines (at least to test it out).

bedge answered

For that to happen, you need to do two things:

  1. Peer the two VNets together.

  2. Create an NSG rule that only allows those two VMs to communicate with each other; no other VMs should be able to communicate to the other VNet.


On the rule, for PING (ICMP) to work, you need to also allow ICMP for the Virtual Machines to be able to ping each other.

If it's still not working, if it's on Windows, try disabling the Windows Firewall as this may be blocking the ping request or create an exception by just enabling ping (ICMP).
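The approach the answers above describe, written out as an added example (not part of the thread and not any poster's code): NSG rules that admit only the peer VM once the VNets are peered, plus guest firewall rules scoped to that peer instead of disabling Windows Firewall. The resource group, NSG name and rule names are assumptions; the two IP addresses are the ones from the question.

```powershell
# --- Part 1: run from an admin workstation with the Az module, signed in ---
# Assumed names (not from the thread): resource group, NSG and rule names.
$rg      = 'rg-example'
$nsgName = 'nsg-vm-eastus'     # NSG in front of the East US VM
$local   = '10.51.0.132'       # East US VM (from the question)
$peer    = '10.54.0.4'         # East US 2 VM (from the question)

$nsg = Get-AzNetworkSecurityGroup -ResourceGroupName $rg -Name $nsgName

# Allow only the peer VM: ICMP for ping, TCP 3389 (RDP) and 445 (SMB, \\host\c$).
$nsg = $nsg | Add-AzNetworkSecurityRuleConfig -Name 'Allow-Peer-Icmp' `
    -Priority 100 -Direction Inbound -Access Allow -Protocol Icmp `
    -SourceAddressPrefix $peer -SourcePortRange '*' `
    -DestinationAddressPrefix $local -DestinationPortRange '*'
$nsg = $nsg | Add-AzNetworkSecurityRuleConfig -Name 'Allow-Peer-Rdp-Smb' `
    -Priority 110 -Direction Inbound -Access Allow -Protocol Tcp `
    -SourceAddressPrefix $peer -SourcePortRange '*' `
    -DestinationAddressPrefix $local -DestinationPortRange '3389','445'

# The default AllowVnetInBound rule (priority 65000) admits everything tagged
# VirtualNetwork, which includes the peered VNet's address space. An explicit
# deny with a lower priority number closes that. It also blocks other VMs in
# the same VNet, so add further allow rules above it for anything else needed.
$nsg = $nsg | Add-AzNetworkSecurityRuleConfig -Name 'Deny-Vnet-Inbound' `
    -Priority 4000 -Direction Inbound -Access Deny -Protocol '*' `
    -SourceAddressPrefix 'VirtualNetwork' -SourcePortRange '*' `
    -DestinationAddressPrefix '*' -DestinationPortRange '*'

# Nothing changes in Azure until the modified object is written back.
$nsg | Set-AzNetworkSecurityGroup | Out-Null

# --- Part 2: run inside the Windows VM 10.51.0.132, elevated ---
$peer = '10.54.0.4'

# Ping: allow ICMPv4 echo request (type 8) from the peer only.
New-NetFirewallRule -DisplayName 'Allow ICMPv4 echo from peer VM' `
    -Direction Inbound -Protocol ICMPv4 -IcmpType 8 `
    -RemoteAddress $peer -Action Allow | Out-Null

# RDP and file sharing: enable the built-in rule groups, scoped to the peer.
# Display group names are localized; these are the English names.
Set-NetFirewallRule -DisplayGroup 'Remote Desktop' `
    -Enabled True -RemoteAddress $peer
Set-NetFirewallRule -DisplayGroup 'File and Printer Sharing' `
    -Enabled True -RemoteAddress $peer
```

Mirror both parts on the other VM with the two addresses swapped. Remote Desktop itself still has to be turned on in the guest, as noted in the comments above.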
