I have an internet-facing Azure load balancer with a public static IP (call it PIP), and I added a NAT rule: forward TCP port 12345 to the local (subnet's IP) 10.2.2.2:3389 (a VM that doesn't have a public IP). I'm trying to set up NSGs for the subnet and the VM's NIC.
Subnet's NSG rules (all TCP):
- 100: Source PIP:* => 10.2.2.2:3389 (from load balancer IP to VM's local IP)
- 120: Source Internet:12345 => 10.1.2.4:3389
VM's NSG rules:
- 100: PIP:* => 10.2.2.2:3389
And here's the problem: if I use Network Watcher's IP flow verify and set the local IP to 10.2.2.2:3389 and the remote IP to [PIP:12345], I get a green light. Same with setting both ports (local and remote) to 3389. But when I try to Remote Desktop to that VM from outside, I get a connection error!
I have no idea why. The VM is up and running, all good here.