Windows Azure Virtual Machine Endpoints

Prior to June Windows Azure had been strictly a Platform-as-a-Service, or PaaS, environment which presented numerous challenges to those interested in running their existing applications in Microsoft’s data centers. In working with a number of clients I often found that the effort and cost required to make existing applications capable of running in a PaaS environment outweighed the cost savings of running in the Windows Azure data centers. As a result, many customers decided keep their apps on-premises.

With the June update to the Windows Azure platform Microsoft introduced its Infrastructure-as-a-Service or IaaS offering called Windows Azure Virtual Machines. Here’s an overview of the offering

Windows Azure Virtual Machine enables you to create a server in the cloud that you can control and manage. After you create a virtual machine in Windows Azure, you can delete and re-create it whenever you need to, and you can access the virtual machine just like any other server. You can use a virtual machine in Windows Azure to deploy the Windows Server 2008 R2 or multiple distributions of Linux operating systems. The virtual hard disk (VHD) that you deploy in a virtual machine can contain customized settings and your applications, which provides a robust platform for developing or migrating your application solutions. You can create multiple virtual machines and then load-balance traffic between them, and you can connect virtual machines to other Windows Azure cloud services running web roles and worker roles.


Windows Azure Virtual Machines allows customers to essentially “uplift” their existing applications to the Windows Azure environment using virtual hard disks that they have complete control over. This means many applications don’t have to be rewritten; they can simply be moved to the Windows Azure environment as is.

I decided to play around with this concept and host my own web application on Windows Azure Virtual Machine. The first thing I did was to go into the portal and create the virtual machine (vm) selecting the release candidate of Windows Server 2012 as the operating system. Once the vm was up and running I used remote desktop to gain access to the server and enable the Web Server role, which includes things like IIS. Once the role was enabled I tried navigating to the server in my browser only to be greeted with this:


Well, that was obviously not what I was hoping for. My first thought was that I needed to update the firewall on the server to allow traffic in on port 80. I returned to my remote desktop session and popped open the firewall only to discover that inbound rules were already in place for tcp traffic coming in on ports 80 (http) and 443 (https). What to do, what to do? I spent about an hour fiddling with the server with the same result, so I decided to walk away and attack the problem later.

Later that evening it dawned on me that the issue wasn’t with the server, it was with the server’s configuration in Windows Azure. I quickly navigated to, selected my virtual machine and clicked on ENDPOINTS. Here’s what I saw:


See the problem? I only had one endpoint configured to allow inbound remote desktop traffic. If I wanted to allow traffic over port 80 (http) I needed to created another endpoint. Here’s what I did.

First, I clicked the ADD ENDPOINT button at the bottom of the page


Then I selected Add endpoint and click the arrow on the bottom left of the page


Next I gave my endpoint a name, specified the protocol (you’ll want to use TCP), then specified the port. Since I want to server all http requests off of the default port I used port 80.


I then waited for the endpoint to be configured


I then used by browser to navigate to the server again where I was greeted with this



Hope it helps.