2 min. Read
Deployment Added rules for Azure Network Security Groups (NSG), you can configure larger, more complex network security policies and fewer rules. Multiple ports, multiple clear IP addresses, service identifiers, and application security groups can all be combined into a single, easy-to-understand security rule.
Unfortunately, Added rules is not available in Azure Stack after this article was written. Network Security Groups (NSGs) do not work in the Azure Stack in the same way as the global Azure. In Azure, you can set multiple IP addresses and ports for a single NSG rule (using portal, PowerShell, and resource management templates).
However, in Azure Stack, you cannot set multiple IP addresses and ports for a single NSG rule through the portal.
To check the difference between Azure and Azure Stack networks, I recommend that you keep checking next scam sheet.
Set multiple IP addresses for a single NSG rule in Azure Stack
What if you have just under a hundred IP addresses to add to whitelists and a large number of protocols to open in Azure Stack, you can hardly do it manually with every NSG rule.
The good news is, from Azure stack update 1903, you can assign multiple IP addresses and ports to a single NSG rule using either the Resource Manager template, PowerShell, or the Azure CLI.
What about the portal ??? Well, this is ‘technically’ possible to do it through the Azure Stack portal due to an error.
To assign multiple IP addresses to a single NSG rule in the Azure Stack portal, follow these steps:
- First add an NSG rule (inbound or outbound) with multiple IP addresses and one port, wait for it to throw an error ! as shown in the following screenshot, and then switch to Basic. By default, when you add an NSG rule, the configuration is Advanced mode.
- Once you’re in Basic mode, you can click Add now.
- One rule is added, you can check that multiple IP addresses are set the way you want 🙂
Unfortunately, you can’t add multiple port areas to the Azure Stack portal. This workaround only applies to Source and Target IP address range. To set up multiple ports, you need a Resource Manager template, a PowerShell, or an Azure CLI.
Please note that Microsoft does not officially support this. It is a workaround, and hopefully Microsoft will address it in the near future.
Hopefully this will help!
Thanks for locking my blog.
If you have any questions or feedback, please leave a comment.