Wednesday, March 9, 2022

Test the firewall


  1. First, note the private IP address for the VM-spoke-01 virtual machine.

  2. From the Azure portal, connect to the VM-Onprem virtual machine.

  3. Open a web browser on VM-Onprem, and browse to http://<VM-spoke-01 private IP>.

    You should see the VM-spoke-01 web page.

  4. From the VM-Onprem virtual machine, open a remote desktop to VM-spoke-01 at the private IP address.

    Your connection should succeed, and you should be able to sign in.

So now you've verified that the firewall rules are working:

  • You can browse the web server on the spoke virtual network.
  • You can connect to the server on the spoke virtual network using RDP.

Next, change the firewall network rule collection action to Deny to verify that the firewall rules work as expected.

  1. Select the hybrid-test-pol Firewall Policy.
  2. Select Rule Collections.
  3. Select the RCNet01 rule collection.
  4. For Rule collection action, select Deny.
  5. Select Save.

Close any existing remote desktops before testing the changed rules. Now run the tests again. They should all fail this time.
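The same two checks can be scripted from a PowerShell session on VM-Onprem and rerun after each change to the rule collection action. This is an added example, not part of the original walkthrough: the parameter names are hypothetical, and ports 80 and 3389 are assumed because they are the defaults for HTTP and RDP.

```powershell
# Run on VM-Onprem. Pass the private IP of VM-spoke-01 noted in step 1.
# Parameter names are illustrative; ports are the HTTP and RDP defaults (assumed).
param(
    [Parameter(Mandatory)] [string] $SpokeIp,
    [ValidateSet('Allow', 'Deny')] [string] $ExpectedAction = 'Allow'
)

# The two manual tests: browsing the web server and opening a remote desktop.
$checks = @(
    @{ Name = 'HTTP'; Port = 80 },
    @{ Name = 'RDP';  Port = 3389 }
)

$results = foreach ($check in $checks) {
    # Each call opens a new TCP connection, so no earlier session is reused.
    $probe = Test-NetConnection -ComputerName $SpokeIp -Port $check.Port `
        -WarningAction SilentlyContinue
    $reachable = [bool] $probe.TcpTestSucceeded

    [pscustomobject]@{
        Test      = $check.Name
        Port      = $check.Port
        Reachable = $reachable
        Expected  = $ExpectedAction
        # Allow means the port must be reachable; Deny means it must not be.
        Pass      = ($reachable -eq ($ExpectedAction -eq 'Allow'))
    }
}

$results | Format-Table -AutoSize

# A non-zero exit code marks a mismatch between the rule action and what was observed.
if ($results.Pass -contains $false) {
    Write-Error "Observed connectivity does not match the expected '$ExpectedAction' action."
    exit 1
}
```

Run it with `-ExpectedAction Allow` before changing RCNet01 and with `-ExpectedAction Deny` after saving the change; a denied port shows up as a connection timeout, so the second run takes longer.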
