Forum Discussion

Copper Contributor

Jul 15, 2023

Azure Firewall DNAT not working

I have a typical Hub/Spoke Architecture with Azure Firewall in the Hub, VNEt peerings between Hub/Spoke, route table on Spoke with default route to Firewall in Hub, no NSGs currently applied. I have...

Kidd_Ip

MVP

Jul 15, 2023

Richard_Marder

Please refer this:

https://learn.microsoft.com/en-us/azure/firewall/tutorial-firewall-dnat

Richard_Marder
Copper Contributor
Jul 15, 2023
Thanks Kidd_Ip thats the same article i followed 😞
- stefanslauritsen
  Copper Contributor
  Sep 26, 2024
  Richard_Marder was this issue ever solved? I am facing same issue.
  - Richard_Marder
    Copper Contributor
    Sep 26, 2024
    stefanslauritsen Hi, Yes it was resolved in our case. Our issue was with the routing tables applied to the spoke vNET. We had the Default Route and a UDR which was set to the vNET in the Hub. This vNET included the subnet on which the firewall was setup plus other subnets in use for Management Services (Remote Access, Backups, Monitoring etc.) This was causing circular routing and we had to remove this and configure the RT with UDRs for each subnet for the individual services and excluding the subnet on which the firewall was setup. Hope it helps. Good luck