Here's what we'd like to do:
- run a service on a VM
- open a port to that service (say, 2113)
- allow other VMs to connect to that service over that port
- allow compute instance to connect to that service over that port
- not expose that service and that port to the public internet
Here's what we've done:
- created a "virtual network" in Azure
- created our VM to run that service in that virtual network (it's running on 10.0.0.4)
- verified that we can connect to our service successfully from the local machine using a web browser to localhost:2113
- discovered that we cannot connect to 10.0.0.4:2113 from that local machine
- opened the 2113 port on the Windows firewall
- no joy
- allowed the application that is the service in the Windows firewall
- no joy
- turned off the Windows firewall entirely for public and private networks
- no joy
- added an endpoint for that port for the VM via the Azure portal
- no joy
- created other VMs in the same cloud service/same virtual network and played around with connecting to the public and private IP addresses of that service on the 10.0.0.4 machine
- no joy
This *seems* like it should be really easy. There is an army of tutorials and articles out there in the world that *almost* describe what you have to do. But apparently, not close enough.
What are we doing wrong here?