Azure – Two virtual machines on Azure can connect to each other without having any Virtual Network

azure

I created two Virtual Machines on Windows Azure. I connected to one VM with Remote Desktop and from there I tried to ping the other VM using its public virtual IP (VIP) / internal IP address. It cannot connect and gives me the message "request timed out".

My question is: do I need to create a virtual network for those two VMs to be able to connect to each other?

Thanks for your opinions and suggestions.

Best Answer

Your question talks about two things: pings and connectivity.

Pings are not supported through the load balancer, which is why your one VM can't ping the other through its public IP address (ICMP is not supported with inbound or outbound traffic through the load balancer). Ping works on the internal network (either within the same cloud service or across a vnet).

Now on to connectivity: You can open both TCP and UDP ports externally, allowing traffic to then flow into a VM (on the same or different port). As long as these external endpoints are opened, you can then connect via those endpoints. You can also apply access control lists (ACLs) to the endpoints, to filter traffic based on inbound IP addresses. So... from the VM you RDP'd into: while you cannot ping your 2nd machine via its public IP address, you can connect via TCP- or UDP-based protocols (telnet, ssh, a database connection, whatever).

If you go the VNet route, then each VM in the VNet can connect to the other VMs in the VNet without worrying about external endpoints being open. Further, since your traffic would no longer be routing through the load balancer, you'd have other protocols (such as ICMP for ping) working.
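As an added illustration (not part of the answer above), this is how the endpoint-plus-ACL approach from the answer looks in the classic (Service Management) Azure PowerShell module, followed by a TCP reachability check to use in place of ping. The service name, VM name, port and the 203.0.113.10 address are placeholders; substitute the first VM's VIP so only that machine is permitted through the endpoint.

```powershell
# Added example: open a single TCP endpoint on VM2 and restrict it with an ACL
# so that only VM1's public VIP (placeholder 203.0.113.10) may reach it.
# Cmdlets are from the classic Azure PowerShell (Service Management) module.
$serviceName = "my-cloud-service"   # placeholder cloud service name
$vmName      = "vm2"                # placeholder VM name
$vm1Vip      = "203.0.113.10/32"    # placeholder: VM1's public VIP as a /32

# Build an ACL that permits VM1's VIP and (implicitly) denies everything else.
$acl = New-AzureAclConfig
Set-AzureAclConfig -AddRule Permit -RemoteSubnet $vm1Vip -Order 100 `
    -Description "Allow VM1 VIP only" -ACL $acl

# Attach a TCP endpoint (public port 22 -> local port 22) carrying that ACL.
Get-AzureVM -ServiceName $serviceName -Name $vmName |
    Add-AzureEndpoint -Name "SSH" -Protocol tcp -LocalPort 22 -PublicPort 22 -ACL $acl |
    Update-AzureVM

# From the VM you RDP'd into: ICMP is dropped by the load balancer, so test the
# TCP endpoint instead of pinging. TcpTestSucceeded is $true when VM2 answers.
$vm2Vip = "203.0.113.20"            # placeholder: VM2's public VIP
$result = Test-NetConnection -ComputerName $vm2Vip -Port 22
if ($result.TcpTestSucceeded) {
    "TCP 22 on $vm2Vip reachable through the endpoint"
} else {
    "TCP 22 on $vm2Vip not reachable: check endpoint, ACL order and guest firewall"
}
```

Keep the ACL rule to the specific source address rather than 0.0.0.0/0; the endpoint is exposed on the public VIP, so the ACL is what keeps it from being reachable from the whole Internet.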