You open a port, or create an endpoint, to a virtual machine (VM) in Azure by creating a network filter on a subnet or a VM network interface.
The example in this article demonstrates how to create a network filter that uses the standard TCP port 80 (it’s assumed you’ve already started the appropriate services and opened any OS firewall rules on the VM).
Internal access to the site:
External access over public IP:
1. Sign in to the Azure portal, select a virtual machine from the list. On the Virtual machine pane, select Networking.
2. On the Networking pane, select Inbound port rules then select Add inbound port rule button on the right.
3. Create an inbound security rule allowing traffic and assign values:
- Source port ranges: * (allows any source port).
- Service: Custom, or you can select predefined services from the drop-down list.
- Destination port ranges: 80 ( Provide a single port, such as 80; a port range, such as 1024-65535; or a comma-separated list of single ports and/or port ranges, such as 80,1024-65535. This specifies on which ports traffic will be allowed or denied by this rule. Provide an asterisk (*) to allow traffic on any port.)
- Protocol: TCP
- Priority: Enter a value that is less than 65,500 and higher in priority than the default catch-all deny inbound rule.
An inbound port rule was created.
Now, access the site over public ip address to verify it works.
