cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED

Outbound Connectivity after azure site recovery failover

nirmalmcse02
Copper Contributor

‎Jan 06 2021 05:33 AM

‎Jan 06 2021 05:33 AM

Outbound Connectivity after azure site recovery failover

How outbound connectivity works of any virtual machines after failover initiated from Azure Site Recovery. 

Explanation of above query is:-

On-premise environment Servers DR site is set up on Azure using Azure site recovery & Express route is set up for connectivity between on-premise to Azure.

In case a failover happens immediately  ASR initiates spinning up virtual machines. Once Virtual Machines is ready to use. How outbound traffic will flow of this VM.  Either Outbound traffic will go to On-premise or it will directly go to the Azure backbone. 

We would like to validate that whatever internet restrictions are applied on on-premise same should be applied to DR VM without deploying any NVA on the Azure side. 

 

 

 

 

 

876 Views
1 Like
1 Reply
Reply
1 Reply
best response confirmed by nirmalmcse02 (Copper Contributor)
JoeThompsonIT

‎Aug 20 2021 08:16 AM

‎Aug 20 2021 08:16 AM

Solution

Re: Outbound Connectivity after azure site recovery failover

@nirmalmcse02 By default, outbound internet access is allowed from the vm. I recommend that you setup a NSG (network security group) for each subnet where you can block outbound internet access, don't forget to add a rule allowing Azure services... Otherwise, you could setup a route that forces all traffic back over your site-to-site vpn or expressroute...

 

THOJO0513_0-1629472520437.png

 

 

1 Like
Reply
1 best response

Accepted Solutions
best response confirmed by nirmalmcse02 (Copper Contributor)
JoeThompsonIT

‎Aug 20 2021 08:16 AM

‎Aug 20 2021 08:16 AM

Solution

Re: Outbound Connectivity after azure site recovery failover

@nirmalmcse02 By default, outbound internet access is allowed from the vm. I recommend that you setup a NSG (network security group) for each subnet where you can block outbound internet access, don't forget to add a rule allowing Azure services... Otherwise, you could setup a route that forces all traffic back over your site-to-site vpn or expressroute...

 

THOJO0513_0-1629472520437.png

 

 

View solution in original post

1 Like
Reply