SFTP Gateway Support

3.0

Modifying Network Security Group (NSG) rules

Overview

A Network Security Group (NSG) should be used to restrict network traffic to a whitelist of IP ranges that need access.

If you have already provisioned the SFTP Gateway VM, you can still modify your NSG rules at any time.

You want to open ports 22, 80, and 443 to your computer's public IP address.

Find your NSG

1. Go to the Resource Group that contains your VM.

You should see a list of resources:

azure-nsg-resource

Click on the resource that is of the Type Network security group

2. Filter the rules

You should see this screen:

azure-nsg-rules

This screen is going to be very noisy. So you can filter out this noise by clicking on:

  • Inbound security rules
  • Default rules (this will hide any rules you are unable to edit)

You should now see a list of IP address ranges and ports.

3. Add/Edit the rules

You can click +Add, or select an existing rule to make changes.

Your goal is to have the following:

  • Port: you want to see 22, 80, and 443. They can either be three separate rules, or a single rule with commas (i.e. 22,80,443)
  • Source: you want to see your IP address, followed by /32 (this indicate a range of a single IP).

Note: To determine your computer's IP address, you can visit http://checkip.dyndns.org

Delete ts-tmp filesUsing mount bind to share local folders (Azure)