none
Do security groups block outbound traffic by default unless there is a corresponding inbound rule for the traffic? RRS feed

  • Question

  • Do security groups block outbound traffic by default unless there is a corresponding inbound rule for the traffic?

    In other words, without a inbound rule for port 80 will outbound traffic on port 80 be allowed.   let's say the traffic outbound is originating inside the network hence there is no inbound traffic for port 80.

    If there is UDP traffic on port 80 inbound then traffic on port 80 outbound will be blocked if there is no outbound rule on port 80?,... since UDP is a connectionless traffic.


    dsk

    Monday, September 16, 2019 6:52 PM

Answers

  • Hi, 

    By default, all outbound traffic in the NSG are allowed until and unless it is blocked by a deny rule. 

    Even if you block outbound traffic, if you have an inbound rule to allow port 80, the response from the server will not be dropped even if it is a UDP traffic. 

    Let me know if you have any further questions. 

    Regards, 

    Msrini

    Tuesday, September 17, 2019 5:43 AM
    Moderator

All replies

  • Hi, 

    By default, all outbound traffic in the NSG are allowed until and unless it is blocked by a deny rule. 

    Even if you block outbound traffic, if you have an inbound rule to allow port 80, the response from the server will not be dropped even if it is a UDP traffic. 

    Let me know if you have any further questions. 

    Regards, 

    Msrini

    Tuesday, September 17, 2019 5:43 AM
    Moderator
  • Do you have any update on this issue?

    Regards, 

    Msrini

    Thursday, September 19, 2019 12:51 PM
    Moderator
  • Hi, 

     

    Just checking in if you have had a chance to see the previous response. If this answers your query, do click “Mark as Answer” and Up-Vote for the same.

    Regards, 

    Msrini

    Monday, September 23, 2019 11:32 AM
    Moderator