question

ashishranjan-2755 asked ChaitanyaNaykodiMSFT-9638 commented

Logical firewall between load balancer and VMs

I am currently trying to learn Azure cloud. I have worked with AWS before, so I may be trying to carry over some concepts here.

I need to know how we can configure a logical firewall to allow traffic from an Azure load balancer to VMs (scale sets or backend pools).

I was able to do this between different VMs by assigning the VMs to different application security groups and allowing the respective traffic from those groups in the network security group. I found the service tag 'AzureLoadBalancer' as an option in NSG rules, but it seems that is only for allowing traffic from health probes and not from the actual load balancer (also, there is no option to select a certain load balancer). In the end I had to allow traffic from the public IP of the load balancer to the VNET to get the load balancer to work.

I hope there is a logical way to do this, and if there is, I am not sure what I am missing here. I would appreciate anyone who could help.

Tags: azure-virtual-network, azure-load-balancer

Hello @ashishranjan-2755, apologies for the delayed response here. I do not see any other logical way to achieve this. Allowing the public IP address is the correct way in this scenario. Please let me know if you have any additional concerns. Thank you!

0 Answers