Hi,
I have a virtual network and subnet 10.185.23.0/24 in it.
There is a VM with IP 10.185.23.4.
We have domain controllers in a separate VNet and subnet 10.185.4.0/26.
I want to block any outgoing traffic towards one of the domain controllers, 10.185.4.7, from this VM (23.4). For testing, I am using a rule for 1 domain controller for now.
I created an NSG as below.
![inbound](https://learn-attachment.microsoft.com/api/attachments/045b354b-dba5-4cde-ad20-ec5dd9480f0a?platform=QnA)
![outbound](https://learn-attachment.microsoft.com/api/attachments/e5a7aac1-d661-4d12-9a30-a46255cc3b34?platform=QnA)
However, I can still connect on port 53 from the test VM to 10.185.4.7. Also, Network Watcher shows connectivity as Successful. Somehow I am not able to override the AllowVnetOutBound rule, which may be causing all traffic to be allowed. I read multiple articles, but none is clear on stateless or stateful and how to achieve this.
Our goal is to isolate this subnet from reaching the domain controllers.