Forum Discussion

shamik-ghosh's avatar
shamik-ghosh
Copper Contributor
Jun 04, 2021
Solved

Internet connectivity for Azure VM updates?

We have two Windows Server 2019 VMs in Azure, and both have 1x public IP address, and 1x private ip address. The private IP address is on a VNET that has no route out to the internet. These VMs were ...
Compute
virtual machine
  • lukemurraynz's avatar
    lukemurraynz
    Jun 11, 2021
    Internet connectivity is required for Azure Update Management, Azure Update Management, acts as the management later, updates aren't distributed directly via the Azure fabric.

    You need to have a route out to the internet: 0.0.0.0/0 (it's a default route that should be there, unless it has been overwritten to point to a network appliance such as Azure Firewall, or directed to some kind of proxy). Azure Virtual Machines, don't need Public IP addresses to access the internet, theoretically, if the routes for the internet are there and nothing is blocking the traffic, even without a public IP - it should work.
Schnittlauch's avatar
Schnittlauch
Iron Contributor
Jun 06, 2021
Hi shamik-ghosh ,

this is a tricky but a tbh very good question. I searched a lot, but I didn't found a 100% clearly solution.
If you have a Platform as a Service (PaaS) solution, this should work and there is no need of a public IP to get Updates (Just a guess).

If you don't find further information, I would recommend you to "pentest" it. Next Tuesday is Patchday, so you can check if you get updates.

Maybe not the best solution but maybe anyone else has an idea 🙂

Best regards,
Schnittlauch

"First, No system is safe. Second, Aim for the impossible. Third no Backup, no Mercy" - Schnittlauch

My answer helped you? Don't forget to leave a like. Also mark the answer as solved when your problem is solved. 🙂

Resources