I have integrated an Azure WebApp with a SQL Server VM so that they can communicate via the VNet instead of the public internet.

I have denied all incoming traffic on TCP port 80 for security reasons. I see that HTTP posts still reach the VM from the WebApp successfully.

However, when I deny all incoming traffic on TCP port 1433, SQL queries stop reaching the SQL Server VM from the WebApp. I was expecting that the integrated VNet would handle this. The SQL Server VM has its SQL connectivity setting set to private (within virtual network). If I keep 1433 open, I can access the SQL Server DB from Excel on my desktop, which is a security risk in this case.

How can I solve this?

1 Answer

Just close 1433 on the network security group to the traffic originating from the internet. That will block external traffic to 1433, but will leave internal intact.

https://learn.microsoft.com/en-us/azure/virtual-network/virtual-networks-nsg

3 Comments

How to define source as internet? Priority: 1010, Name: SQLServer, Port: 1433, Protocol: TCP, Source: Any, Destination: Any, Action: Deny
Literally what you said: source - Internet.
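
An added example (not part of the original answer or comments): a simplified Python model of NSG inbound rule evaluation, showing why the rule from the comment with Source: Any also blocks the Web App, while the same rule with the Internet service tag lets VNet traffic fall through to the default AllowVnetInBound rule. The VNet range 10.0.0.0/16 and both sample addresses are constructed, and the Internet tag is approximated as any address outside the VNet.

```python
import ipaddress
from dataclasses import dataclass

# Assumption: constructed VNet address space; the page does not state one.
VNET = ipaddress.ip_network("10.0.0.0/16")

@dataclass(frozen=True)
class Rule:
    priority: int
    name: str
    source: str      # "*", a service tag, or a CIDR
    port: object     # "*" or a single destination port number
    action: str      # "Allow" or "Deny"

# Azure's default inbound rules (65001 AllowAzureLoadBalancerInBound left out).
DEFAULTS = [
    Rule(65000, "AllowVnetInBound", "VirtualNetwork", "*", "Allow"),
    Rule(65500, "DenyAllInBound", "*", "*", "Deny"),
]

def source_matches(source, ip):
    addr = ipaddress.ip_address(ip)
    if source == "*":
        return True
    if source == "VirtualNetwork":
        return addr in VNET
    if source == "Internet":
        # Simplification: anything outside the VNet counts as Internet here.
        return addr not in VNET
    return addr in ipaddress.ip_network(source)

def evaluate(custom_rules, src_ip, dst_port):
    """Return (action, rule name) of the first match, lowest priority number first."""
    for r in sorted(custom_rules + DEFAULTS, key=lambda r: r.priority):
        if source_matches(r.source, src_ip) and r.port in ("*", dst_port):
            return r.action, r.name
    raise AssertionError("unreachable: DenyAllInBound matches everything")

# Constructed sample addresses: Web App via VNet integration, desktop on the internet.
WEBAPP_IP, DESKTOP_IP = "10.0.1.4", "203.0.113.25"
DENY_ANY = [Rule(1010, "SQLServer", "*", 1433, "Deny")]              # rule from the comment
DENY_INTERNET = [Rule(1010, "SQLServer", "Internet", 1433, "Deny")]  # rule from the answer

if __name__ == "__main__":
    for label, rules in (("Source: Any", DENY_ANY), ("Source: Internet", DENY_INTERNET)):
        for who, ip in (("web app", WEBAPP_IP), ("desktop", DESKTOP_IP)):
            print(f"{label:17} {who:8} -> {evaluate(rules, ip, 1433)}")
```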
