The following protocols and ports are required for Secure Connect to function:
(Required) inbound to WAN – TCP ports 22 (SSH), 80 (HTTP), 443 (HTTPS)
(Required) outbound from WAN – Allow all
(Optional) inbound LAN – Limited by site resource and access policy
One network security group may be created for each interface.
Complete the following steps to create a network security group and security rule for the WAN interface:
In the Azure portal, search for “network security groups” and select Network security groups from the Services list.
Note
Do not select .
Select .
Ensure that the subscription and region are correct.
Select the Resource group.
Enter a descriptive name for the network security group.
Select .
Select to save the new network security group.
Select .
Select , under Settings in the left-side navigation panel, and then select .
Enter
80, 443, 53, 8443for the Destination port ranges.Select the appropriate type of the protocol as mentioned previously.
Enter a descriptive name for the rule. Ericsson Enterprise Wireless recommends naming the rule based upon its function for usability and simplicity.
Select .
Repeat this procedure for an additional network security group or inbound or outbound security rules for the lan0 interface, if needed.