Allow us to create outbound rules on external load balancer for secondary IP address of NIC.
I have a Cisco NGFW VM in the backend which has multiple IP addresses on its external interface, which we would like to translate to a specific PIP for outbound traffic. But we are getting the error "OutboundRuleCannotBeUsedWithBackendAddressPoolThatIsReferencedBySecondaryIpConfigs".
I read in an article that this is a limitation of ELB, but we need this option. This is a very basic and important requirement, needed by every organization that is planning to move its infra to the Azure cloud or has already moved.

2 comments
-
Mik B commented
Thanks
We have similar issues with advertising multiple External PIPs mapping to internal servers / services using either Azure or Checkpoint Firewalls.
While we can get some basic DNAT capability, SNAT and symmetrical routing via a variety of firewalls do not work.
The recommended workaround bypasses the firewalls for half the traffic flows.
https://docs.microsoft.com/en-us/azure/firewall/integrate-lb
I have raised and titled my "feedback" as "provide Enterprise Capability for Azure or Third-Party Firewalls to perform 1:1 SNAT"
-
Amit Sharma commented
Really, this is a very important feature that is not in Azure ELB. We are also getting this issue.