Allow the use of a known outbound NAT gateway for VNets
VMs placed in a VNet today with a public IP attached access the Internet from arbitrary, unknown addresses. This makes it hard to manage access from Azure VMs to backend systems relying on IP-address ACLs. We simply need to know which IP address Azure VMs use for accessing resources outside the VNet. If I use UDRs with dest 0.0.0.0/0, load balancing in Azure doesn't work. Please give us a configurable NAT gateway per subnet or VNet similar to what AWS has.
Debanjan Banerjee commented
We can use Azure Firewall here. Outbound traffic to the internet can be via Azure Firewall, and SNAT occurs with the public IP address of Azure Firewall. Also, this firewall is fully stateful & supports NAT, network & application security rules.
Agree, this is a big requirement for lots of different reasons, and it is surprising that there isn't an option for people that want to use it.
I look forward to some good news about when this will be possible.
Sravan Vanam commented
@Azure Network team, we are desperately looking for a NAT gateway solution where the private VMs will have the route to the internet via a NAT gateway and not directly through the Azure network. Thank you for taking the feature into the roadmap, but can we get an approx release date when this is available in the portal and ready to use?
This is desperately needed. Many suppliers with IP ACLs, and not having this feature is a serious hindrance to our Azure migration.
Patrick Kolze commented
Is there any news when we can get this service?
This feature is needed!
@Azure Networking Team, any update on this matter?
Hi Trond, this is an interesting ask, great feedback. This is on the roadmap. Thanks!