Articles in this section
Category / Section

Add inbound Port in Azure VM for Bold BI

Published:

Overview

Opening ports in an Azure Virtual Machine (VM) is essential for enabling network traffic to reach your VM. This guide will walk you through the process of adding an inbound port rule in Azure to allow traffic through specified ports.

Steps to Open Ports in an Azure VM

Prerequisites
  • An Azure account with appropriate permissions to manage network settings.
  • An existing Azure Virtual Machine.
  • Basic knowledge of Azure portal navigation.
Step-by-Step Guide
Log in to Azure Portal
  1. Open your web browser and navigate to the Azure Portal.
  2. Log in with your Azure account credentials.
Navigate to Virtual Machines
  1. In the left-hand menu, click on “Virtual Machines”.
  2. Select the VM for which you want to open a port from the list of available VMs.
Open Networking Settings
  1. In the VM menu, under the “Settings” section, click on “Networking”.
  2. This will display the network interface settings for the selected VM.
Add Inbound Port Rule
  1. In the “Networking” blade, click on “Add inbound port rule”.

  2. Fill in the details for the inbound port rule:

    • Source: Choose the source from which the traffic is allowed (e.g., Any, IP Addresses, or Virtual Network).
    • Source port ranges: Specify the source port ranges (usually left as ‘*’).
    • Destination: Select “Any” or specify a destination IP address.
    • Destination port ranges: Enter the port number you want to open (e.g., 80 for HTTP, 443 for HTTPS).
    • Protocol: Choose the protocol (TCP, UDP, or Any).
    • Action: Set to “Allow”.
    • Priority: Set a priority number (lower numbers have higher priority).
    • Name: Provide a name for the rule (e.g., Allow-HTTP or Allow-HTTPS).
Save the Rule
  1. After filling in all the required fields, click “Add” to save the inbound port rule.
  2. The new rule will appear in the list of inbound port rules and take effect immediately.

Difference Between “Specific IP Addresses” and “Any”

Choosing between “Any” and “Specific IP Addresses” depends on the balance between accessibility and security required for your Azure VM.

Any Specific IP Addresses
Definition: The “Any” option allows traffic from all sources, meaning it does not restrict the source of the traffic. Definition: The “IP Addresses” option allows you to restrict traffic to only come from specified IP addresses or ranges. You can enter a single IP address or a CIDR (Classless Inter-Domain Routing) range.
Use Case: This is useful when you want your VM to be accessible from any location without restriction. It’s commonly used for services that need to be publicly accessible, such as a web server on port 80 (HTTP) or 443 (HTTPS). Use Case: This option is ideal when you want to limit access to your VM to only trusted sources. For example, if you are setting up a database server that should only be accessible from specific application servers or if you want to restrict SSH access to your own IP address for administrative purposes.
Security Implications: Using “Any” can expose your VM to potential security risks since it allows connections from any IP address on the internet. This option should be used with caution, and additional security measures, such as firewalls or intrusion detection systems, should be implemented to protect the VM. Security Implications: Restricting access to specific IP addresses significantly enhances security by minimizing the exposure of your VM to potential attackers. Only the specified IP addresses can initiate a connection, reducing the risk of unauthorized access.

Example: Opening Ports 80 (HTTP) and 443 (HTTPS) for Specific IP Addresses

  1. Navigate to the VM’s Networking settings.
  2. Click “Add inbound port rule”.
  3. Enter the following details:
Port 80 (HTTP) Port 443 (HTTPS)
Source: IP Addresses Source: IP Addresses
Source IP addresses/CIDR ranges: Enter the specific IP address (e.g., 203.0.113.0) or CIDR range (e.g., 203.0.113.0/24). Source IP addresses/CIDR ranges: Enter the specific IP address (e.g., 203.0.113.0) or CIDR range (e.g., 203.0.113.0/24).
Source port ranges: * Source port ranges: *
Destination: Any Destination: Any
Destination port ranges: 80 Destination port ranges: 443
Protocol: TCP Protocol: TCP
Action: Allow Action: Allow
Priority: 1000 Priority: 1001
Name: Allow-HTTP Name: Allow-HTTPS
  1. Click “Add” to save the rule.

Example: Opening Ports 80 (HTTP) and 443 (HTTPS) for Any

  1. Navigate to the VM’s Networking settings.
  2. Click “Add inbound port rule”.
  3. Enter the following details:
Port 80 (HTTP) Port 443 (HTTPS)
Source: Any Source: Any
Source port ranges: * Source port ranges: *
Destination: Any Destination: Any
Destination port ranges: 80 Destination port ranges: 443
Protocol: TCP Protocol: TCP
Action: Allow Action: Allow
Priority: 1000 Priority: 1001
Name: Allow-HTTP Name: Allow-HTTPS
  1. Click “Add” to save the rule.
Verification
  1. Ensure the inbound port rules are listed in the Networking settings of the VM.
  2. You can verify the rules by attempting to access the VM through the newly opened ports (e.g., using a web browser for HTTP/HTTPS).

By following these steps, you can successfully open ports on your Azure VM to allow inbound traffic.

Was this article useful?
Like
Dislike
Help us improve this page
Please provide feedback or comments
VA
Written by Vigneshwaran Alagappan
Updated
Comments (0)
Please  to leave a comment
Access denied
Access denied