Forum Discussion
Tien Ngo Thanh
May 02, 2019 - Iron Contributor
Which port to join domain Azure AD Domain Service?
Hello, I am trying to create an Azure AD Domain Service in a separate subnet and assign an NSG to the subnet. I want to deny all and open only the ports needed for Azure domain service, such as join domain, LDAP, p...
- May 03, 2019
Hi, good evening!
Now I understand what you want.
In this case you will need to configure your own routes by using "User Defined Routes" in the Azure Route Table; there you can use a virtual appliance to route the traffic.
It's not so complex. I will leave two links below, one about best practices on Azure networking and one about User Defined Routes. I recommend you read the best practices first.
Best practices: https://docs.microsoft.com/en-us/azure/security/azure-security-network-security-best-practices
User Defined Routes: https://docs.microsoft.com/en-us/azure/virtual-network/tutorial-create-route-table-portal
Hope it helps you!
Don't forget to let me know if it was helpful.
See you soon!
Tien Ngo Thanh
May 08, 2019 - Iron Contributor
RodNet: I still don't fully understand.
As I understand it, all subnets in Azure can see all ports by default, so to control ports between these subnets I need to route traffic by UDR to an NVA (VM + firewall)? And to do that, do I need to follow the steps below?
- Create a route table
- Create a route
- Create a virtual network with multiple subnets
- Associate a route table to a subnet
- Create an NVA that routes traffic
- Deploy virtual machines (VM) into different subnets
- Route traffic from one subnet to another through an NVA
RodNet
May 09, 2019 - Brass Contributor
No. Only subnets inside the same VNET will have communication with each other by default, so in this case you will need to use a user defined route.
I'd suggest you create the VNET and subnets first, but all the other steps are OK.
=D
- Tien Ngo Thanh, May 11, 2019 - Iron Contributor
Thanks, all, for the support.