Upgrade to Azure Standard Load Balancer

Azure Outbound Network Options

On September 30, 2025, the Azure Basic Load Balancer will be retired. For more information, see the official announcement. If you are currently using Basic Load Balancer, make sure to upgrade to Standard Load Balancer prior to the retirement date.

You can use the guidance to upgrade, please ensure that all of the steps are followed when you test and then implement the change.  This is due to the fact… Read the rest “Upgrade to Azure Standard Load Balancer”


Exchange & TCP/IP Port Range

The below is an interesting result after installing Exchange.  The act of installing Exchange will change how TCP/IP operates on the server with respect to ephemeral connections.

This may manifest itself in a few ways.

For example:

  • Security or Network are "surprised" with different network behaviour on an Exchange server when reviewing captures
  • Network team sets a very restrictive firewall ACL which is
Read the rest “Exchange & TCP/IP Port Range”

How To Set NSLookup to Use TCP

One of the great things at Microsoft is the interaction with very smart colleagues.  A question was posed regarding DNS.  Most admins will know that DNS uses port 53, but is that TCP or UDP?

The answer is Consultant’s answer #1 "It depends"…

From a client resolver perspective this old TechNet documents:

During DNS resolution, DNS messages are sent from DNS clients to DNS servers or between DNS serversRead the rest “How To Set NSLookup to Use TCP”


Windows 10 FlushDNS

One issue when cutting over services or performing datacentre disaster recovery operations consists of three little letters - DNS.

DNS records have a time to live (TTL) and depending on the zone file configuration, it could be several hours or even measured in days.  So if a record was changed, this means that in normal run state clients would continue to connect to the old IP rather than the new I… Read the rest “Windows 10 FlushDNS”


Load Balancing WAP In Azure RM

In the previous post Load Balancing Azure AD FS Services  we looked at using Azure RM to deploy and load balance AD FS services.  This is the follow-up post to deploy the Web Application Proxy (WAP) servers and its associated load balancer into the DMZ.

In this post we will focus upon the highlighted area in the below diagram.  The additional components were previously deployed, for details please … Read the rest “Load Balancing WAP In Azure RM”


External RDP Access To Azure RM VM

Depending upon how your organisation has deployed Azure there may or may not be a need to have RDP access to Azure VMs from the Internet.  In cases where there is a site to site VPN (S2S)  the S2S VPN will typically be used to access VMs. Traffic will be routed from the corporate network over the S2S tunnel to the VMs.  Client VPN may also be provided in some companies as an alternative.

Should the… Read the rest “External RDP Access To Azure RM VM”


Azure RM VM Connect Button Greyed Out

The below is a repro of a customer issue where they were unable to RDP to an Azure RM VM from the Internet.  Previously this was not something they had setup as connecting to VMs was provided by a site to site VPN.  There was no requirement to provide RDP access from the Internet, until they wanted to allow connectivity from one specific business partner to some VMs.  The partner is not part of th… Read the rest “Azure RM VM Connect Button Greyed Out”


Load Balancing AD FS Services In Azure RM

As mentioned in this blog's previous posts on deploying AD FS, one option is to deploy all or part of the AD FS solution in Azure.  This is very valuable if there is insufficient capacity on-premises or if you only have a single datacentre and wish to increase resiliency.

Deploying the AD FS solution or connecting it to Azure is pretty straight forward.  However, if you not correctly plan the Azure… Read the rest “Load Balancing AD FS Services In Azure RM”


New Netstat Options

New?  Well some options are not that new really.  Others are however!

Sometimes it is the little things in life that can help immensely.  Take our venerable friend, netstat!  Even though it has been around for many moons folks often get into the habit of using only certain options, switches or parameters.   For reference purposes, the Windows XP Netstat options are docRead the rest “New Netstat Options”


Network Monitor Filter Examples

The below is an assortment of Network Monitor (NetMon) filters that I used on a frequent basis.  With each of the filters, there is a quick explanation of why they are used.
The filters can be used as regular display filters, or as a colour filter.  The retransmission one is especially useful to have set as a colour filter, as they they stand out when reviewing traces.

Filter Source IPv4 A

Read the rest “Network Monitor Filter Examples”