Forum Discussion
Azure Firewall DNAT not working
Thanks Kidd_Ip, that's the same article I followed 😞
- stefanslauritsen (Copper Contributor), Sep 26, 2024
Richard_Marder was this issue ever solved? I am facing the same issue.
- Richard_Marder (Copper Contributor), Sep 26, 2024
stefanslauritsen Hi, yes, it was resolved in our case. Our issue was with the routing tables applied to the spoke vNET. We had the Default Route and a UDR which was set to the vNET in the Hub. This vNET included the subnet on which the firewall was set up, plus other subnets in use for Management Services (Remote Access, Backups, Monitoring etc.). This was causing circular routing, and we had to remove this and configure the RT with UDRs for each subnet for the individual services, excluding the subnet on which the firewall was set up. Hope it helps. Good luck!
- stefanslauritsen (Copper Contributor), Sep 27, 2024
Thank you Richard_Marder!
Tested this morning with both SFTP-22 (original issue) and RDP-3389 (test scenario); removing the route table pointing to the Az Firewall Virtual Appliance for the Firewall subnet fixed the issue instantly.
Now I just need to figure out a new routing design and which consequences it will have 🙂
Fun fact: for the original issue, we were seeing only some connections failing. Incoming traffic from Azure VMs (3rd-party tenants) was working; testing the connection from home (consumer ISP) or a 3rd-party datacenter failed.
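
A check for the spoke route-table condition described in this thread, as an added example that is not part of any participant's post: it flags UDRs whose prefix covers the firewall subnet and is specific enough to override the peering system route to the hub. The function name, route names and all addresses are constructed assumptions; the logic relies on Azure choosing routes by longest prefix match, with a user-defined route winning a tie against a system route.

```python
import ipaddress

# Constructed sample data (not from the thread): a hub vNET, its firewall
# subnet, and a spoke route table shaped like ARM route properties.
HUB_VNET = "10.0.0.0/16"
FIREWALL_SUBNET = "10.0.1.0/26"   # AzureFirewallSubnet inside the hub
FIREWALL_IP = "10.0.1.4"

SPOKE_ROUTE_TABLE = {
    "name": "rt-spoke",
    "routes": [
        {"name": "default", "addressPrefix": "0.0.0.0/0",
         "nextHopType": "VirtualAppliance", "nextHopIpAddress": FIREWALL_IP},
        {"name": "to-hub", "addressPrefix": "10.0.0.0/16",
         "nextHopType": "VirtualAppliance", "nextHopIpAddress": FIREWALL_IP},
        {"name": "to-mgmt", "addressPrefix": "10.0.2.0/24",
         "nextHopType": "VirtualAppliance", "nextHopIpAddress": FIREWALL_IP},
    ],
}


def routes_covering_firewall_subnet(route_table, hub_vnet, firewall_subnet):
    """Return names of UDRs that steer firewall-subnet traffic to an appliance.

    Hypothetical helper: a UDR is flagged when its next hop is a virtual
    appliance, its prefix overlaps the firewall subnet, and it is at least as
    specific as the hub vNET prefix (so it beats the peering system route).
    """
    hub = ipaddress.ip_network(hub_vnet)
    fw = ipaddress.ip_network(firewall_subnet)
    flagged = []
    for route in route_table["routes"]:
        if route["nextHopType"] != "VirtualAppliance":
            continue
        prefix = ipaddress.ip_network(route["addressPrefix"])
        # 0.0.0.0/0 also overlaps the firewall subnet, but the more specific
        # peering route for the hub wins, so only equal-or-longer prefixes count.
        if prefix.overlaps(fw) and prefix.prefixlen >= hub.prefixlen:
            flagged.append(route["name"])
    return flagged


if __name__ == "__main__":
    for name in routes_covering_firewall_subnet(
            SPOKE_ROUTE_TABLE, HUB_VNET, FIREWALL_SUBNET):
        print(f"{SPOKE_ROUTE_TABLE['name']}: route '{name}' covers the firewall subnet")
```

Replacing the flagged hub-wide route with per-subnet routes that leave out the firewall subnet, as described above, makes the check return an empty list.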