VM1 needs to talk to VM2 on port 4567 (In Azure). Both VMS are on the same subnet. Can I just create an inbound rule on the NSG attached to both Vms that says open port 4567? Will this work?
Or do I also need to log onto both VM's and configure the firewall rules?
What is the proper way to configure this? in terms of best practice.
Yes, you have to, because NSG doesnt talk to your VM to alter settings on it. NSG is an Azure level firewall.