我需要阻止对 RDP 的访问,但似乎没有办法做到这一点,我要么收到错误的“成功”消息并且规则仍然存在,要么出现下面的错误
Failed to delete inbound NAT rule 'LoadBalancerBEAddressNatPool.0'. Error: Adding or updating NAT Rules when NAT pool is present on loadbalancer /subscriptions/... is not supported. To modify the load balancer, pass in all NAT rules unchanged or remove the LoadBalancerInboundNatRules property from your PUT request.
最佳答案
在基于 ARM 模板的方法中,我必须删除 loadBalancingRules
中的 inboundNatPools
// "inboundNatPools": [
// {
// "name": "LoadBalancerBEAddressNatPool",
// "properties": {
// "backendPort": "3389",
// "frontendIPConfiguration": {
// "id": "[variables('lbIPConfig0')]"
// },
// "frontendPortRangeEnd": "4500",
// "frontendPortRangeStart": "3389",
// "protocol": "tcp"
// }
// }
// ]
VMSS 的 networkProfile
中的 和 loadBalancerInboundNatPools
"networkProfile": {
"networkInterfaceConfigurations": [
{
"name": "[concat(parameters('nicName'), '-0')]",
"properties": {
"ipConfigurations": [
{
"name": "[concat(parameters('nicName'),'-',0)]",
"properties": {
"loadBalancerBackendAddressPools": [
{
"id": "[variables('lbPoolID0')]"
}
],
// "loadBalancerInboundNatPools": [
// {
// "id": "[variables('lbNatPoolID0')]"
// }
// ],
"subnet": {
"id": "[variables('subnet0Ref')]"
}
}
}
],
"primary": true
}
}
]
},
然后再次部署。
对于您来说,这意味着使用资源组中的自动化功能提取 ARM 模板,删除上述条目,然后再次部署。
关于Azure Service Fabric - 无法删除任何默认 NAT 规则,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/46966447/