Apache not reachable from outside an Azure Ubuntu VM

Question

I've just created a Linux Ubuntu 14.04 VM in Azure. The VM is up and i can connect via SSH.

I've setted up apache2 and is running. My issues starts when i try to access from the outside with my public IP.

I think apache is up and running because:
1) Nmap shows that the port is open:

Starting Nmap 7.01 ( https://nmap.org ) at 2016-10-06 07:42 UTC
Nmap scan report for localhost (127.0.0.1)
Host is up (0.000055s latency).
PORT   STATE SERVICE
80/tcp open  http

2) curl localhost show something

3) running tcpdump -i eth0 'port 80' show the incoming connections

The ouputs of:

netstat -ntlp
(Not all processes could be identified, non-owned process info
 will not be shown, you would have to be root to see it all.)
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      -               
tcp        0      0 127.0.0.1:29131         0.0.0.0:*               LISTEN      -               
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      -               
tcp6       0      0 :::80                   :::*                    LISTEN      -               
tcp6       0      0 :::22                   :::*                    LISTEN      -

But running

ip addr show eth0 | grep inet | awk '{ print $2; }' | sed 's/\/.*$//'

it shows up only my private ip and the ipv6.

According to the support guy from Azure, the setting of my VM, Network Security Group, endpoints and other stuff seems to be ok.

Answer 1

According to your description, maybe we need to do some tests:

1. We need to run command “telnet public 80” with your local PC to test the connectivity. If the telnet is ok, we need to check the apache’s settings.
2. If the telnet is false, we need to run command “tcpdump -i eth0 ‘port 80’” to capture packet, to confirm is there any incoming connections. If you can't capture the packet, we need to check the VM's network settings.
   If you can capture the packet, and the source addresses come from the public network, we need to check the endpoints or NSG settings.

3. If the VM deployed in the classic mode, we need to check the endpoints settings, to make sure the port 80 is opened. If the VM deployed in the resource mode, we need to check the NSG settings.

   If you still have questions, welcome to post back here. Thanks.

Answer 2

Perhaps the Network Security Group is denying the traffic.

In the Azure Portal, go to All Resources, and locate the Network Security Group applied to the VM. On the Overview page of the NSG, you will see a list of rules that govern traffic to and from the VM. Is there a rule that allows port 80? If not, in the Settings of the NSG, add a new rule.