Forum Discussion
Azure NSG Challenge : When NIC and Subnet Rules Collide
Imagine this real-world scenario: 🔹 A VM needs to connect outbound via RDP (TCP 3389) to an external server for management. 🔹 The NIC-level NSG allows outbound RDP, ensuring the VM can initiate ...
Answer: The outbound RDP connection will succeed.
Because Azure NSGs are stateful, only outbound rules are evaluated for outbound traffic. The inbound deny rule at the subnet level doesn't impact return traffic from an outbound-initiated session.