SvenGloeckner5
Mar 31, 2023
Solved

Outbound endpoint IP address of Azure DNS Private Resolver

Hi,

we need to find out the IP address that's used in the outbound endpoint of Private Resolver for configuring our on-prem firewall.

We cannot find anything about this in the docs or in the Azure portal.

How do we find it?

Regards

Sven

  • SvenGloeckner5
    Jan 05, 2024

    Trying to answer my own question.

    The correct answer is that there is no dedicated outbound IP address. Instead, the outbound endpoint uses dynamically allocated IP addresses. This also implies that one has to allow IP address ranges in the on-premises firewall to get it working correctly.

5 Replies

    • SvenGloeckner5

      anas86

      Thanks for your reply. I already know everything that's in the documentation. However, this is not very helpful.

      The main key about the outgoing IP address is missing.

      We need to know this because we have a firewall on-prem that needs to be configured in order to let the DNS traffic pass through.

      So currently, it is really unclear which IP address must be whitelisted in the firewall.


  • The question is not very clear. Can you elaborate on the scenario along with the problem statement?
    • SvenGloeckner5

      Hi,

      thanks for your reply.
      I'll try to explain the scenario. We want to try the usage of Private DNS Resolver. It should forward DNS traffic to our on-premises DNS servers. However, we have a firewall on premises that needs to be configured to let the DNS traffic pass. Currently, the firewall is blocking DNS forwarding traffic.

      The Azure Portal does not allow viewing the IP address of the outbound endpoint.

      Now my question again: Which IP address(es) do we have to enable in the firewall to allow DNS traffic to pass through?
