Forum Discussion
Solved
Use of NAT gateway
Hi, First of all, I'm absolutely new to this, so I'm learning as I go along. I've built a VM with PIP which allows me to RDP to it over the internet. I've since created a NAT gateway and asso...
- Hi. Azure NAT Gateway are outbound only:
https://learn.microsoft.com/en-us/azure/nat-gateway/nat-overview
So if you want to place something in front of the NIC of the VM, you could use an Azure load balancer instead 🙂 Or go up the security latter with Azure firewall.
But since you are trying to enable remote management (RDP), I would recommend taking another approach using Azure Bastion, and remove the PIP from the NIC of the VM. (You may want to keep your NAT Gateway for outbound internet access, as NAT Gateway are the best practice way of ensuring outbound internet access for VMs, and should be kept attached to the subnet)
Hi. Azure NAT Gateway are outbound only:
https://learn.microsoft.com/en-us/azure/nat-gateway/nat-overview
So if you want to place something in front of the NIC of the VM, you could use an Azure load balancer instead 🙂 Or go up the security latter with Azure firewall.
But since you are trying to enable remote management (RDP), I would recommend taking another approach using Azure Bastion, and remove the PIP from the NIC of the VM. (You may want to keep your NAT Gateway for outbound internet access, as NAT Gateway are the best practice way of ensuring outbound internet access for VMs, and should be kept attached to the subnet)
https://learn.microsoft.com/en-us/azure/nat-gateway/nat-overview
So if you want to place something in front of the NIC of the VM, you could use an Azure load balancer instead 🙂 Or go up the security latter with Azure firewall.
But since you are trying to enable remote management (RDP), I would recommend taking another approach using Azure Bastion, and remove the PIP from the NIC of the VM. (You may want to keep your NAT Gateway for outbound internet access, as NAT Gateway are the best practice way of ensuring outbound internet access for VMs, and should be kept attached to the subnet)