问题描述

我有一个应用程序网关，后端池中有2个IaaS虚拟机，SSL卸载，一切正常

我偶然将NSG应用到包含后端的子网池服务器和NSG拒绝从虚拟网络到虚拟网络规则。 然而，该网站继续工作，登录到Web服务器后，我仍然可以看到
端口80上的Web请求到达Web服务器，尽管该子网上的虚拟网络已被拒绝。

显然这对我来说是一个错误，但这是我预料会破坏网站的错误。 那么为什么不是我的问题？

后端池成员是否被排除在子网上的NSG规则之外？

I have an application gateway with 2 IaaS VMs in the backend pool, SSL offload and everything working fine

By accident I applied an NSG to the subnet that contained the backend pool servers and in that NSG was a deny any from virtual network to virtual network rule.  Yet the website continued to work, after logging onto the web servers I could still see the web requests on port 80 hitting the web servers despite the deny any from virtual network being in place on that subnet.

Obviously this was a mistake on my part but it was a mistake I expected would then break the website.  So why didn't it is my question?

Are backend pool members somehow excluded from NSG rules on a subnet?

这篇关于应用程序网关和NSG行为的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！