StefanKi
Nov 11, 2021

routing table

Hello,

I have a virtual network with 192.168.0.0/24. In the virtual network is a firewall with 192.168.0.5.

Now I want to route any outgoing traffic on the virtual network through the firewall.
If I create a rule 0.0.0.0/0 to 192.168.0.5, the internal devices cannot reach each other. What is the best way to set the routing rules here?

Greetings and thanks
Stefan

1 Reply

  • Take this:

    1. Use a User-Defined Route (UDR)
    • Create a route table with:
      • Destination: 0.0.0.0/0
      • Next hop type: Virtual appliance
      • Next hop IP: 192.168.0.5 (your firewall)
    2. Associate the Route Table with Subnets
    • Apply the route table to application subnets, not the firewall subnet
    • This ensures only outbound traffic from those subnets is routed through the firewall
    3. Preserve Internal Traffic
    • Internal traffic (e.g., between VMs in the same subnet or VNet) uses system routes
    • To avoid breaking it:
      • Do not override internal IP ranges like 192.168.0.0/24 in your custom route table
      • Let Azure’s default routing handle intra-subnet communication
    4. Firewall Configuration
    • Ensure the firewall can:
      • Route traffic back to internal subnets
      • Handle NAT or SNAT if needed for outbound internet access
      • Allow return traffic from the internet
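An added example, not part of the reply above: a small Python model of how a subnet's effective next hop is chosen (longest prefix first, user-defined route over system route on equal prefixes), used to audit a planned route table before applying it. The /26 subnet split, the peer address 192.168.0.200, the test address 203.0.113.10 and the function names are assumptions made for illustration; only the VNet range and firewall IP come from the thread.

```python
import ipaddress

VNET = ipaddress.ip_network("192.168.0.0/24")      # VNet range from the question
FIREWALL_IP = ipaddress.ip_address("192.168.0.5")  # firewall IP from the question
RANK = {"user": 0, "bgp": 1, "system": 2}          # tie-break when prefixes are equal

def routes_for(udr_prefixes):
    """System routes a subnet gets (reduced to the two relevant here) plus UDRs
    that all point at the firewall as a virtual appliance."""
    table = [(VNET, "VnetLocal", "system"),
             (ipaddress.ip_network("0.0.0.0/0"), "Internet", "system")]
    table += [(ipaddress.ip_network(p), "VirtualAppliance", "user")
              for p in udr_prefixes]
    return table

def next_hop(table, destination):
    """Longest matching prefix wins; on a tie the user route beats the system route."""
    dst = ipaddress.ip_address(destination)
    matches = [r for r in table if dst in r[0]]
    best = min(matches, key=lambda r: (-r[0].prefixlen, RANK[r[2]]))
    return best[1]

def audit(subnet_cidr, udr_prefixes):
    """Return a list of findings for one subnet and the route table attached to it."""
    subnet = ipaddress.ip_network(subnet_cidr)
    table = routes_for(udr_prefixes)
    internet_hop = next_hop(table, "203.0.113.10")  # constructed internet address
    findings = []
    if FIREWALL_IP in subnet:
        # The firewall's own outbound traffic would be sent back to itself.
        if internet_hop == "VirtualAppliance":
            findings.append("loop: firewall subnet uses the firewall as next hop")
    elif internet_hop != "VirtualAppliance":
        findings.append("bypass: internet-bound traffic does not pass the firewall")
    # Constructed in-VNet peer: must stay on the VnetLocal system route.
    if next_hop(table, "192.168.0.200") != "VnetLocal":
        findings.append("override: a UDR captures the internal VNet range")
    return findings

if __name__ == "__main__":
    plans = {
        "app subnet, default route only": ("192.168.0.64/26", ["0.0.0.0/0"]),
        "firewall subnet, default route": ("192.168.0.0/26", ["0.0.0.0/0"]),
        "app subnet, VNet range overridden": ("192.168.0.64/26",
                                              ["0.0.0.0/0", "192.168.0.0/24"]),
    }
    for name, (subnet, udrs) in plans.items():
        print(f"{name}: {audit(subnet, udrs) or 'ok'}")
```

On a deployed subnet, compare the model's result with the effective routes Azure reports for a VM's network interface.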