Handling specific inbound port mappings
Let’s say you have created a VM availability set with five VMs all running your website. Clients are connecting to the load balancer and the load balancer is distributing web traffic to the best backend pool instance.
The setup is working well, but you now need to perform some maintenance to the website. You need to use Remote Desktop Protocol (RDP) to connect to one of the VMs serving your website. As is, this is not possible. The load balancer cannot direct traffic to one particular instance, and it’s only allowing web traffic at this time anyway. You need an inbound NAT rule.
Inbound NAT rules forward traffic from a port of a specific frontend IP address to a specific port of an instance inside of the virtual network (vNet) the load balancer and backend pool are a part of.
In this example, you’d set up an inbound NAT rule to forward port 3389 (RDP) to port 3389 to an individual VM behind the load balancer. In the following screenshot, you can see all options available to you.