Forum Discussion
Internet access and connection to on-prem network
We are studying the AVD documents without hands-on testing.
If we need the AVD environment to connect back to the on-prem network for domain join and for accessing on-prem resources, we need a virtual network and a gateway to form a VPN tunnel back to the on-prem network.
We want AVD users to access the internet directly from AVD. Do we need to set up another virtual network in the AVD environment?
Thanks.
1 Reply
- Chandrasekhar_Arya (Iron Contributor)
You have to allow the subnet on Azure Firewall to provide access to the internet, or you can use an NSG if you don't have Azure Firewall. Another way is to use third-party products; at my customer, for example, I am using Zscaler.
The Azure virtual machines created for Windows Virtual Desktop must have outbound TCP 443 access to the following URLs:
- wvd.microsoft.com
- *.blob.core.windows.net
- *.core.windows.net
- *.servicebus.windows.net
- prod.warmpath.msftcloudes.com
- catalogartifact.azureedge.net
Additional Azure Firewall security guidelines are at the link below: https://docs.microsoft.com/en-us/azure/firewall/protect-windows-virtual-desktop
As per Microsoft, the following URL must be opened in the firewall: https://docs.microsoft.com/en-us/azure/virtual-desktop/safe-url-list
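An added example (not part of the original reply or of Microsoft's documentation): a Python sketch that checks outbound flow records against the FQDN list quoted in the reply and reports list entries already covered by a broader wildcard. The wildcard-matching semantics, the flow record fields and the sample hostnames are assumptions made for illustration; confirm how your own firewall or proxy matches wildcards.

```python
# Added example: audit outbound flows against the FQDN list quoted in the reply.
# FQDN patterns copied from the reply; each needs outbound TCP 443.
REQUIRED_FQDNS = [
    "wvd.microsoft.com",
    "*.blob.core.windows.net",
    "*.core.windows.net",
    "*.servicebus.windows.net",
    "prod.warmpath.msftcloudes.com",
    "catalogartifact.azureedge.net",
]

def matches(pattern, host):
    """Assumed semantics: '*.' covers one or more leading labels, never the apex."""
    pattern, host = pattern.lower(), host.lower().rstrip(".")
    if pattern.startswith("*."):
        suffix = pattern[1:]  # e.g. ".core.windows.net"
        return host.endswith(suffix) and len(host) > len(suffix)
    return host == pattern

def evaluate(flow):
    """Return the pattern that permits this flow, or None if it would be dropped."""
    if flow["proto"] != "TCP" or flow["port"] != 443:
        return None
    return next((p for p in REQUIRED_FQDNS if matches(p, flow["fqdn"])), None)

def redundant_patterns(patterns):
    """Pairs (narrow, broad) where a broader wildcard already covers the entry."""
    pairs = []
    for p in patterns:
        bare = p[2:] if p.startswith("*.") else p
        pairs += [(p, q) for q in patterns
                  if q != p and q.startswith("*.") and matches(q, bare)]
    return pairs

# Constructed sample flows (hypothetical field names and hostnames).
SAMPLE_FLOWS = [
    {"fqdn": "wvd.microsoft.com", "proto": "TCP", "port": 443},
    {"fqdn": "examplestore.blob.core.windows.net", "proto": "TCP", "port": 443},
    {"fqdn": "core.windows.net", "proto": "TCP", "port": 443},
    {"fqdn": "catalogartifact.azureedge.net", "proto": "TCP", "port": 80},
    {"fqdn": "updates.example.org", "proto": "TCP", "port": 443},
]

if __name__ == "__main__":
    for flow in SAMPLE_FLOWS:
        rule = evaluate(flow)
        print(f'{flow["fqdn"]}:{flow["port"]} ->', f"allow ({rule})" if rule else "deny")
    for narrow, broad in redundant_patterns(REQUIRED_FQDNS):
        print(f"{narrow} is already covered by {broad}")
```

Under the assumed semantics, an exact entry does not admit subdomains and a wildcard entry does not admit the bare apex, so both cases are worth confirming on the device that enforces the rules.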