Failed to Connect to Azure Public IP/Load Balancer (Connection Refused)

1
votes

I'm trying to set up a basic Azure load-balanced cluster of VMs, but am having issues accessing them outside of the virtual network that Azure creates. A sample request that I am testing with:

curl http://<publicIP of load balancer>:8080/rio/health

returns "Failed to connect; connection refused"

Notably: I can call from box 0 to box 1 using the private IP addresses. I can call from box 0 to 1 using the public IP address. I can not call from an external source to box 1 or the load balancer using the public IP.

So what I'm asking is, what else could be preventing me from accessing the virtual network in Azure externally? I have created both Inbound and Outbound Security rules from the Azure portal to allow any protocol from source port * to destination port *. Also, I created a load balancing rule to forward from port 8080 to backend port 8080. Anything else I'm missing to make the public IP accessible externally?

Thanks!

1
azureload-balancingazure-cloud-servicesazure-virtual-networknetwork-security-groups
I can't tell you what the exact problem is, but this really smells like a Network Security Group (NSG) config problem. It works within the VNET because there's a default rule on NSGs to allow all traffic originating in the VNET. You can see the default rules defined here: azure.microsoft.com/en-us/documentation/articles/…. Do you have the NSG associated with the VMs' NICs?Tim Wieman
Yeah, I did have a NSG associated with it - see answer below. Thanks for the help!Christian

1 Answers

1
votes

The issue I ran into here was I needed not only a load balancing rule to forward port 80 to 8080, but to add a probe on port 8080 as well!