-
Hello morgadob,
Thanks for reaching out to us.
It’s important to pay close attention to explicit details in the scenario. For example, the statement “TD2 allows ICMP in its inbound Windows firewall” is clearly mentioned, which helps explain why ICMP traffic succeeds. In contrast, there is no mention of port 443 being allowed or selected as one of the inbound ports in the scenario. Even if the NSG permits traffic, the Windows firewall or the application itself must also be configured to accept connections on that port.
If all configurations are correct and TDNSG1 is associated with TD2, TCP traffic should be allowed as per rule 300. The key takeaway is that NSG rules alone don’t guarantee connectivity; they simply permit it. The actual success of a connection also depends on the destination VM being ready to accept it.
This information was clearly stated in the given explanation: “One of the reasons port 443 was unreachable from TD1 to TD2 is that TD1 is not configured to listen to port 443.”
Hope this clears things up! Let us know if you need further assistance.
Best regards,
JR @ Tutorials Dojo
