As we all know, virtual machines in the same virtual network can automatically communicate with each other over a private network channel. However, we may find that we cannot ping the other virtual machines in the same virtual network.
This is because inbound ICMP traffic is disabled by default in Windows Azure. Since the ping utility is implemented using the ICMP "Echo request" and "Echo reply" messages, in this scenario the ICMP request messages cannot be received by the virtual machines that you ping.
To solve this, we just need to enable the File and Printer Sharing (Echo Request-ICMPv4-In) rule under Inbound Rules in Windows Firewall on the Windows Azure virtual machines.
Based on this, we ran a test in our environment as follows:
1. Create a virtual network
Firstly, we created a virtual network by using the Custom Create wizard in the Management Portal as below:
1) Open Windows Azure Management portal, click Add, and choose Network Services, Virtual network, and then click Custom Create. Please refer to Figure 1.
Figure 1: Create a virtual network
2) On the Virtual Network Details page, create a name for your virtual network and assign it to an affinity group and region. Please refer to Figure 2.
Figure 2: Virtual Network Details page
3) On the DNS Servers and VPN Connectivity page, specify the IP address of the DNS servers to use for name resolution. In our test, we didn’t specify a DNS server, so Windows Azure uses its own default DNS service. Also, as we had no requirement to configure VPN connections, we unchecked the VPN options.
Figure 3: DNS Servers and VPN Connectivity page
4) On the Virtual Network Address Spaces page, create the private address space for the virtual network. We created two subnets in the virtual network 192.168.0.0/24.
Figure 4: Virtual Network Address Spaces page
After that, we can see that the virtual network was created successfully on the Network page (Figure 5).
Figure 5: Network page
2. Add Virtual Machines into the VLAN
Later, I created two virtual machines (test1 and test2) in the subnet 192.168.0.0/25 of that virtual network. You can create the virtual machines in different cloud services; in our test, we added them to the same cloud service, testcloud01.cloudapp.net. You can refer to the detailed information of those two virtual machines in the Quick Glance screenshots below (Figure 6 and Figure 7):
Figure 6: Quick Glance of VM test1
Figure 7: Quick Glance of VM test1
3. Log on to the Virtual Machines
We started the virtual machines in the Windows Azure Management Portal. After the virtual machines were in the Running status, we downloaded the RDP files and entered the usernames and passwords to log on to the virtual machines. (Figure 8 and Figure 9)
Figure 8: Enter the credentials for VM test1
Figure 9: Enter the credentials for VM test2
4. Enable related Windows Firewall rule
After we logged on to the virtual machines, we could see that the virtual machine test1 couldn’t ping the virtual machine test2 and vice versa. (Figure 10 and Figure 11)
Figure 10: Ping VM test2 from the VM test1 failed
Figure 11: Ping VM test1 from the VM test2 failed
Then, on both virtual machines, we opened the Windows Firewall advanced settings, clicked “Inbound Rules”, selected the “File and Printer Sharing (Echo Request-ICMPv4-In)” rule, and clicked “Enable Rule”. (Figure 12)
Figure 12: Enable inbound Windows Firewall rule
After that, the Virtual Machines test1 and test2 could ping each other successfully. (Figure 13 and Figure 14)
Figure 13: Ping VM test2 from VM test1 succeeded
Figure 14: Ping VM test1 from VM test2 succeeded
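The same change can be scripted instead of clicked. The following is an added example, not part of the original post: it enables the echo-request rule and, going one step beyond the GUI procedure, limits its remote address scope to the virtual network's address space so the VM does not answer pings from anywhere else. It assumes an elevated PowerShell session with the NetSecurity cmdlets (Windows Server 2012 or later) and the 192.168.0.0/24 address space from step 1.

```powershell
# Added example; run in an elevated PowerShell session on each VM (test1 and test2).
# Assumption: the NetSecurity module is available (Windows Server 2012 or later).

# The wildcard tolerates spacing differences in the rule's display name.
$ruleName   = 'File and Printer Sharing (Echo Request*ICMPv4-In)'
# Address space of the virtual network created in step 1.
$vnetPrefix = '192.168.0.0/24'

$rules = @(Get-NetFirewallRule -DisplayName $ruleName -ErrorAction SilentlyContinue)
if ($rules.Count -eq 0) {
    throw "No inbound rule matching '$ruleName' was found."
}

# Show the state before changing anything.
$rules | Select-Object Name, Enabled, Profile, Direction, Action |
    Format-Table -AutoSize | Out-Host

# Limit the rule to the virtual network, then enable it.
$rules | Set-NetFirewallRule -RemoteAddress $vnetPrefix -Enabled True

# Confirm the result: enabled state and remote address scope of each matching rule.
foreach ($rule in Get-NetFirewallRule -DisplayName $ruleName) {
    $scope = $rule | Get-NetFirewallAddressFilter
    [pscustomobject]@{
        Name          = $rule.Name
        Enabled       = $rule.Enabled
        Profile       = $rule.Profile
        RemoteAddress = $scope.RemoteAddress -join ','
    }
}

# From test1, check reachability of test2 (replace the placeholder with its internal IP).
# Test-Connection -ComputerName '<internal IP of test2>' -Count 2
```

More than one rule can match the display name (one per firewall profile group), so the script changes and reports every match rather than assuming a single rule.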
More information:
About Virtual Network Settings in the Management Portal
http://msdn.microsoft.com/en-us/library/azure/jj156074.aspx
Add a Virtual Machine to a Virtual Network
http://azure.microsoft.com/en-us/documentation/articles/virtual-networks-add-virtual-machine/