- VM1 is deployed to subnet-1 in VNet-1. We have NSG-1 assigned to subnet-1 and NSG-2 assigned to NIC of VM1. You need to confirm if inbound RDP traffic will be allowed by looking at the following inbound rules:
I believe the answer here should be Deny. But answer says it allows. Can anyone recheck.
NSG-1 - (subnet-level) has a deny rule for port 3389 (Rule 103), which blocks RDP traffic.
Even though NSG-2 (NIC-level) allows RDP on port 3389 (Rule 104), the deny rule in NSG-1 will still block the traffic.