Unable to browse the ubuntu Azure instance (VM) using its firewall public IP in the browser

Question

Firstly, I have created the Virtual Network with the following configuration:

Option	Value
Region	Central India
Azure Bastion	Enabled
Azure Firewall	Enabled
Tier	Basic

Created the New Basic Policy & Azure Firewall Public IP address in the same section and then created.

Secondly, Virtual machine of Ubuntu 20.04 LTS with No Public IP in the same location and same Virtual Network.

Option	Value
Availability Options	Availability Zones
Availability Zone	Zones 1
Size	Standard_B2s - 2 vcpus, 4GB Memory
Authentication type	SSH public key
public IP	None

Third Step: Firewall Manager > Azure Firewall Policies > DNAT Rules > Added a Rule Collection with the following options:

Option	Value
Name	firewall-nginx-rulecln
Rule Collection Type	DNAT
Priority	100
Rule Collection group	DefaultDnatRuleCollectionGroup
Rules	No Rules

In the Same Page of Firewall Policy, DNAT Rules Section > Click on "Add rule":

Option	Value
Rule Collection Group	DefaultDnatRuleCollectionGroup
Rule Collection	Selected the previously created group
Name	firewall-rule
Source Type	IP Address
Source IP Addresses	MySystemsIPgotfrom https://whatismyipaddress.com/
Destination IP Addresses	Public IP of Firewall
Protocol	TCP
Destination Ports	4000
Translated Type	IP Address
Translated FQDN	VM's Private IP
Translated Port	80

Firewall Rule:

Fourth Step: Connected to the Ubuntu VM through Bastion Host and did the following steps present in this GitHub Page.

Problem:

Able to get the content present in index.html by sending the command curl localhost:80:

azureuser@linuxvm02:~$ curl localhost:80
<h1>I have learnt Azure Networking Concept, today</h1>

but not able to get the result in the browser if I enter the Firewall-PublicIP:Port (For eg, 4.247.159.154:4000)

Answer 1

Unable to browse the ubuntu Azure instance (VM) using its firewall public IP in the browser.

If you are unable to access the application using the Firewall Public IP, make sure to check the Azure Firewall Rules and Security Group Rules. Additionally, try accessing the application from another network, as there is a chance that traffic may be blocked, especially if you are using a corporate network.

Here are the steps to create an application on a Linux VM with a firewall public IP.

1. Create a Virtual Network with azure bastion and azure firewall.

Make sure to select Azure Bastion and Azure Firewall, as shown in the screenshot below.

Vnet Subnet configuration

2. Once the VNet is complete, create a virtual machine

VM network configuration

Make sure to download the private key to your local machine, as it is required to connect to the VM.

3. Once create the VM, Go to Firewall Manager > Azure Firewalls > Select your firewall and open > Firewall policy.

4. Open Firewall policy > DNAT rules > Create a collection rule.

Once the collection rule is created, add a rule by clicking "add rule".

5. Connect the VM using bastion.

6. After connecting to the VM, navigate to the root folder using the command below.

    sudo su

7. Update the current repository

    apt-get update

8. Install nginx

apt-get install nginx

9. Navigate to hmtl folder using below command.

cd /var/www/html/ 

10. Create sample index.html.

vim index.html

11. I'm able to access the application using Firewall Public IP.

12. When I try to access the same application from corporate network, I too got the same result.