We are setting up SQL Always On in Azure VM (IAAS). We followed the steps given in Configure Always On Availability Group in Azure VM manually and the setup is working fine. Since the setup is using the internal load balancer, the listener is available only internally i.e. using a jump box. We are using NSGs to restrict access to the servers from our office IPs and allow access to the SQL Servers from developer machines. This works for direct access to the individual SQL server but not via listener. What can be done to allow access from outside of the VNET?
This subscription is standalone and not connected to the on-premise via site-to-site VPN or Express Route. The resources should be accessed using internet and source IPs are specifically white listed (it is a very small fixed list).
You can configure a Point-to-Site connection to allow your clients to connect the Azure VNet then use sql server.