-
The Status in the picture is wrong
-
15th question in Review Mode Set 3 – AZ-104 Azure Administrator.
The first picture of “You execute an Azure Network Watcher Connection Troubleshoot operation for port 443.” must show Reachable in Status, but it’s Unreachable, which indicates that TD1 and TD2 cannot communicate. Then all the explanation in the answer is wrong. Fix the picture please.
- This discussion was modified 2 weeks, 3 days ago by Yo Matsuo.
-
Hello Matsuo,
Good day!
The “Unreachable” status in the Azure Network Watcher Connection Troubleshoot operation for port 443 is intentional as part of the scenario. It demonstrates that TD1 and TD2 cannot communicate, aligning with the explanation provided.
There should be a second statement and image using ICMP protocol with a “Reachable” Status (See image below). This differentiation highlights the network behavior based on different protocols. Let me know if additional clarification is needed!
Regards,
Neil @ Tutorials Dojo
-
Well, I don’t really get it yet. Can you please explain this scenario?
In that scenario, the network security group named TDNSG1 has the following rule.
Priority Source Destination Protocol Port Action
300 10.0.1.0/24 10.0.2.0/24 TCP Any Allow
This rule means that TD1 CAN connect to TD2, so it must be reachable in Status, no?
Also, TD1 and TD2 are in the same virtual network, so that means they can communicate with each other, am I right? Or does a virtual machine need an additional setting to listen on port 443?
I’m confused now.
-
In the explanation, at the very bottom, this sentence, “One of the reasons port 443 was unreachable from TD1 to TD2 is that TD1 is not configured to listen to port 443.”, is this true?? Also, why TD1? Isn’t this TD2?
I thought Azure Network Watcher Connection Troubleshoot can communicate with a virtual machine on port 443 even though the virtual machine doesn’t listen on port 443.
-
Hey, I just checked how Connection Troubleshoot actually works on Azure Portal, and I confirmed that “One of the reasons port 443 was unreachable from TD1 to TD2 is that TD1 is not configured to listen to port 443.” is right. Without an app or service listening on port 443 on a VM, it would be unreachable.
Now I’ve got the whole picture, and I now fully understand this scenario.
Sorry for bothering you and thank you for your help.
-
-
Hello Matsuo,
No worries at all, and thank you for following up! It’s great to hear that you’ve clarified how Azure Network Watcher Connection Troubleshoot operates and now fully understand the scenario.
Happy 2025!
Regards,
Neil @ Tutorials Dojo
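The point the thread settles on, as an added example that is not part of the discussion or of the Tutorials Dojo material: a plain TCP connect probe, run against a loopback socket standing in for TD2, shows that a port only tests as reachable when something is listening on it, even when no rule blocks the traffic. The function names, the result labels and the loopback stand-in are assumptions of this sketch, and it does not reproduce how Connection Troubleshoot itself is implemented.

```python
import errno
import socket


def probe_tcp(host: str, port: int, timeout: float = 2.0) -> str:
    """Classify one TCP connect attempt (labels are this example's own).

    'listening'   : handshake completed, a service accepted the connection
    'no-listener' : the host refused the connection (nothing bound to the
                    port), so the path was open but the port is unreachable
    'filtered'    : no answer before the timeout, typical of traffic that
                    is silently dropped on the way (for example a deny rule)
    """
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))
        return "listening"
    except ConnectionRefusedError:
        return "no-listener"
    except socket.timeout:
        return "filtered"
    except OSError as e:
        return f"error:{errno.errorcode.get(e.errno, e.errno)}"
    finally:
        s.close()


def demo() -> dict:
    # Constructed stand-in for TD2: a loopback socket on an ephemeral port.
    # No packet filter sits between client and server here, which mirrors
    # the thread's "Allow TCP" rule between the two subnets.
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    port = srv.getsockname()[1]

    with_listener = probe_tcp("127.0.0.1", port)     # service is bound
    srv.close()                                      # service stops
    without_listener = probe_tcp("127.0.0.1", port)  # same path, no service
    return {"with_listener": with_listener,
            "without_listener": without_listener}


if __name__ == "__main__":
    print(demo())
```

A host firewall that drops packets instead of refusing them would make the second probe time out and return 'filtered' rather than 'no-listener'; either way the port does not test as reachable.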