I have setup an http endpoint (port 80) for my Azure VM. I have verified that the firewall is allowing port 80 both in and out. (My VM operating system is Windows Server 2012.)
Yet still, I am unable to hit IIS on port 80 from a remote machine. (Locally I can hit localhost just fine.)
So I'm wondering if what I'm missing is a network acl. However, the Azure documentation (as of 12/2/2013) seems contradictory:
When a virtual machine is created, a default ACL is put in place to block all incoming traffic. However, if an endpoint is created for (port 3389), then the default ACL is modified to allow all inbound traffic for that endpoint.
Yet below it says:
It’s important to note that by default, when an endpoint is created, all traffic is denied to the endpoint.
Which is correct? Do I need to create an allow all ACL? Am I missing something else about how Azure DNS and network traffic works?
