How to Create a NSG and Create Rules for it in Azure

Create the NSG-Frontend NSG

To create the NSG-FrontEnd NSG, complete the following steps:

1. From a browser, navigate to https://portal.azure.com and, if necessary, sign in with your Azure account.
2. Select + Create a resource > > Network Security Groups.

   

3. Under Network security groups, select Add.

   

4. Under Create network security group, create an NSG named NSG-FrontEnd in the RG-NSGresource group, and then select Create.

   

Create rules in an existing NSG

To create rules in an existing NSG from the Azure portal, complete the following steps:

1. Select All Services, then search for Network security groups. When Network security groups appear, select it.
2. In the list of NSGs, select NSG-FrontEnd > Inbound security rules

   

3. In the list of Inbound security rules, select Add.

   

4. Under Add inbound security rule, create a rule named web-rule with priority of 200 allowing access via TCP to port 80 to any VM from any source, and then select OK. Notice that most of these settings are default values already.

   

5. After a few seconds, you see the new rule in the NSG.

   

6. Repeat steps to 6 to create an inbound rule named rdp-rule with a priority of 250 allowing access via TCP to port 3389 to any VM from any source.

Associate the NSG to the FrontEnd subnet

1. Select All services >, enter Resource groups, select Resource groups when it appears, then select RG-NSG.
2. Under RG-NSG, select ... > TestVNet.

   

3. Under Settings, select Subnets > FrontEnd > Network security group > NSG-FrontEnd.

   

4. In the FrontEnd blade, select Save.