Set up the Security Identity Manager ports in Microsoft Azure

When an Security Identity Manager virtual machine is deployed in Microsoft Azure, by default interface M.1 will be configured with a single DHCP IP address of the management type. The address can be used to access the LMI and SSH. The Azure fabric will assign the networks private IP address specified during deployment to this adapter using DHCP.

By default, no ports are forwarded from the public IP address to the private IP address. Add ports under inbound port rules for ISIM interfaces in the Azure dashboard.

• Add the following ports to access the local management interface:
  • 22
  • 9443
  • 10443
• Add the following ports to access the application interface:
  • 9343
  • 10443
  • 11443

Additional interfaces can be configured using the Azure command line tools. The Azure Portal does not provide the capability of creating a virtual machine with more than one interface or for adding additional interfaces to an existing virtual machine.

Addresses other than the first private IP address on M.1 must be manually configured within Security Identity Manager. Configure the network settings of Security Identity Manager to match the private IP addresses configured on each adapter in Azure. The Security Identity Manager virtual machine runs the Windows Azure Agent daemon to communicate with the Azure fabric.

• The log file can be viewed on the application log files page under azure/waagent.log or by viewing the Boot Diagnostics panel in the Azure Portal.

• The Windows Azure Agent will periodically make requests to an internal Azure endpoint (typically within 168.0.0.0/8 169.0.0.0/8) to report deployment and heartbeat status.

Parent topic: Microsoft Azure support