question

EmilienCourt-9095 avatar image
0 Votes"
EmilienCourt-9095 asked ·

NSG not applying properly

Hi,

I have created a NSG which blocks all inbound and outbound traffic, and have attached the only network interface of an Azure Virtual Machine (Windows 10) to it. The rules are effective, according to the Azure Portal.

The two rules of the NSG are :

 $rule1 = New-AzNetworkSecurityRuleConfig -Name InboundDisallow -Access Deny -DestinationAddressPrefix * -DestinationPortRange * -Direction Inbound -Priority 100 -Protocol * -SourceAddressPrefix * -SourcePortRange *
 $rule2 = New-AzNetworkSecurityRuleConfig -Name OutboundDisallow -Access Deny -DestinationAddressPrefix * -DestinationPortRange * -Direction Outbound -Priority 100 -Protocol * -SourceAddressPrefix * -SourcePortRange *

RDP is blocked, and I can not ping the machine, which is excepted.

However, I can still run PowerShell scripts on the machine, using Run Command (from the Portal or Powershell), which should not be possible (https://docs.microsoft.com/en-us/azure/virtual-machines/windows/run-command#restrictions) as it requires to authorize AzureCloud Outbound on port 443.

I have also tried to detach the network interface and attach the subnet to the NSG, and I can still use this command. I have also tried rebooting the virtual machine, deleting and creating again the VM and the NSG, same results.

Would you have any idea why it does not work ?

Thanks in advance, Regards

azure-virtual-machines-networking
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

ManuPhilip avatar image
0 Votes"
ManuPhilip answered ·

Hi @EmilienCourt-9095 ,

Disable WINRM ports 5985 and 5986 also and see if it helps. One is for HTTP and other for HTTPS

Please mark as "Accept the answer" if the above steps helps you. Others with similar issues can also follow the solution as per your suggestion

Regards,

Manu

· Share
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.