Forum Discussion

StefanKi's avatar
StefanKi
Iron Contributor
Nov 11, 2021

routing table

Hello, I have a virtual network with 192.168.0.0/24. In the virtual network is a firewall with 192.168.0.5. Now I want to route any outgoing traffic on the virtual network through the firewall. If...
virtual network
Kidd_Ip's avatar
Kidd_Ip
MVP
Oct 15, 2025

Take this:

 

  1. Use a User-Defined Route (UDR)
  • Create a route table with:
    • Destination: 0.0.0.0/0
    • Next hop type: Virtual appliance
    • Next hop IP: 192.168.0.5 (your firewall)
  1. Associate the Route Table with Subnets
  • Apply the route table to application subnets, not the firewall subnet
  • This ensures only outbound traffic from those subnets is routed through the firewall
  1. Preserve Internal Traffic
  • Internal traffic (e.g., between VMs in the same subnet or VNet) uses system routes
  • To avoid breaking it:
    • Do not override internal IP ranges like 192.168.0.0/24 in your custom route table
    • Let Azure’s default routing handle intra-subnet communication
  1. Firewall Configuration
  • Ensure the firewall can:
    • Route traffic back to internal subnets
    • Handle NAT or SNAT if needed for outbound internet access
    • Allow return traffic from the internet

Resources