Azure firewall using second public IP as outbound

We have been using Azure Firewall for some time now. We are pointing all our spoke VNets to the firewall for outbound traffic.

Doing this, the public IP of the servers has always been that of the public IP that was created when the FW was deployed (the IpConf).

There is a second public IP set up to allow port mapping from outside to inside for a specific server.

I am testing Windows Virtual Desktop server. Again, the VNet is pointing internet traffic via the FW.

However, the WVD are picking up the secondary public IP.

I always thought that the default IpConf IP would always be attached to outbound traffic and the other IPs would allow you to port-map to specific servers inbound.

Is this not the case?

1 Reply

Hello @Adrian Nelson

Would you please provide more details about your WVD setup from a networking perspective, so that I can better understand your scenario and help you further?

As for your question, as a rule of thumb, OUTBOUND traffic initiated from resources that have the Firewall configured as their default gateway or as the next hop in a certain UDR will always be NATed using the primary Firewall IP address.

Regards,

Charbel HANNA