
Azure and endpoint - allow only one IP to connect

Tags: endpoint, azure

I am trying to configure my Azure VM to only allow connections on, say, FTP/SFTP from specific IP addresses, but I seem to be completely unable to find out if this is at all possible.

I am able to create the endpoint, thus effectively opening the firewall, but I would not allow everyone to connect, just one or two specific IPs.

user2745817 asked Sep 04 '13 07:09



1 Answer

Old question, I know, but still in the search results - and things have changed since the only other answer here.

You can edit the Access Control List via the Azure Management Dashboard: Virtual Machines -> select vm -> Endpoints -> select endpoint -> Manage ACL

or the Preview Portal: Select vm -> All settings -> Endpoints -> select endpoint

Enter the name for the ACL entry, "Permit" for action and then enter the CIDR notation for the IP address sub-range you want to allow. In this case a single IP address of 1.2.3.4 will require an entry of 1.2.3.4/32 and another entry to cover your second (and subsequent) IP addresses, unless they are contiguous and you can define a range.

Having this permit entry will create an implied Deny to 0.0.0.0/0 (which is deny access for everyone - but only after allowing access for your IP address).

bitflipper answered Oct 15 '22 21:10
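The permit entries and implied deny described in the answer above can be planned and checked offline before they are typed into the portal. This is an added example, not part of the original answer or any Azure tooling: the function names, the `min_prefix` threshold and the sample addresses are assumptions, and the evaluation is a simplified model of the behaviour described on this page.

```python
import ipaddress

def build_permit_entries(allowed_ips):
    """Turn individual client IPs into the fewest CIDR permit entries.

    Each address starts as a /32; neighbours that form an aligned block
    are merged into one range, others stay as separate entries.
    """
    hosts = [ipaddress.ip_network(f"{ip}/32") for ip in allowed_ips]
    return [str(net) for net in ipaddress.collapse_addresses(hosts)]

def is_allowed(source_ip, permit_entries):
    """Simplified model of the endpoint ACL described in the answer.

    No entries: the endpoint is open to everyone.
    Any permit entry: everything not matched falls to the implied deny.
    """
    if not permit_entries:
        return True
    addr = ipaddress.ip_address(source_ip)
    return any(addr in ipaddress.ip_network(entry) for entry in permit_entries)

def too_broad(permit_entries, min_prefix=24):
    """Return entries wider than /min_prefix (hypothetical review threshold),
    e.g. a 0.0.0.0/0 permit that would cancel out the implied deny."""
    return [e for e in permit_entries
            if ipaddress.ip_network(e).prefixlen < min_prefix]

if __name__ == "__main__":
    # Constructed sample addresses, not taken from a real deployment.
    entries = build_permit_entries(["1.2.3.5", "203.0.113.10", "1.2.3.4"])
    print("ACL permit entries:", entries)
    for src in ["1.2.3.4", "1.2.3.6", "203.0.113.10", "198.51.100.7"]:
        print(src, "permit" if is_allowed(src, entries) else "deny (implied)")
    print("Needs review:", too_broad(entries + ["0.0.0.0/0"]))
```

Note that 1.2.3.5 and 1.2.3.6 are adjacent but do not share an aligned /31, so they stay as two /32 entries rather than one range.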