Added 443 and 25 to allow for inbound rule to VM
iptables -S
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -p tcp -m tcp --dport 25 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
Set up a listener on the VM
sudo nc -l 25
From external computer
telnet myVMip 25
Connection times out.
When doing the same procedure for 443 it works fine. This leads me to believe port 25 is blocked by Azure itself?
The best way to troubleshoot this issue is to use traceroute with TCP packets. Use this command to check where the packets are blocked:
The next step: run tcpdump on the VM and check the incoming packets. tcpdump captures packets before the firewall.
So, if you see the packets in the dump but nothing works, check the firewall. By default the iptables command lists only the filter table. Better use the iptables-save -c command to show the full rule set with rule counters.
Then check that the port is really being listened on. Use the netstat -tlnp or ss -tlnp 'sport == :25' commands. You should see the listening socket and your program.
If all the steps above are done but the service still doesn't work, run the strace -p <pid> command to check that the service really gets data from the sockets.
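The rule-counter check from the answer above, as an added example that is not part of the original post: it reads `iptables-save -c` output and reports how many packets each port's INPUT rule has counted. The function names and the sample ruleset (with its counter values) are constructed for illustration.

```shell
#!/bin/sh
# Added example: read per-port packet counters out of `iptables-save -c`.

# Constructed sample of `iptables-save -c` output (not captured from a real host).
sample_ruleset() {
cat <<'EOF'
*filter
:INPUT ACCEPT [1520:98342]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [1310:120113]
[0:0] -A INPUT -p tcp -m tcp --dport 25 -j ACCEPT
[14:840] -A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
COMMIT
EOF
}

# rule_hits PORT: read `iptables-save -c` output on stdin and print the total
# packets counted by INPUT rules matching --dport PORT ("none" if no such rule).
rule_hits() {
    awk -v port="$1" '
        /^\[[0-9]+:[0-9]+\] -A INPUT / {
            for (i = 1; i < NF; i++)
                if ($i == "--dport" && $(i + 1) == port) {
                    split(substr($1, 2), c, ":")   # "[14:840]" -> c[1] = "14"
                    total += c[1]; found = 1
                }
        }
        END { if (found) print total + 0; else print "none" }
    '
}

# diagnose PORT: map the counter to the next step in the procedure above.
diagnose() {
    hits=$(rule_hits "$1")
    case "$hits" in
        none) echo "port $1: no INPUT rule matches this port" ;;
        0)    echo "port $1: no packet has reached this rule; look upstream (tcpdump, earlier rules, network path)" ;;
        *)    echo "port $1: $hits packets accepted by the firewall; check the listener next" ;;
    esac
}

sample_ruleset | diagnose 25
sample_ruleset | diagnose 443
```

On a live host, feed it the real ruleset with `sudo iptables-save -c | diagnose 25` after making a connection attempt from outside.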