Secure outbound internet connectivity for Azure VMware Solution

Beginner
Intermediate
Solution Architect
Security Engineer
Network Engineer
Azure VMware Solution

Learn how to route, control, and inspect outbound network traffic from an Azure VMware Solution private cloud. Define the outbound internet network path using either a custom or third-party network virtual appliance with Azure Route Server and Azure Firewall.

Learning objectives

By the end of this module, you'll be able to:

  • Generate and inject the default route using either a custom or third-party network virtual appliance (NVA), with Azure Firewall as the next hop.
  • Propagate the default route to the Azure VMware Solution private cloud using Azure Route Server.
  • Define network rules in Azure Firewall to allow outbound internet traffic from the Azure VMware Solution private cloud.

Prerequisites

This module requires an understanding of the following:

  • Beginner-level experience with basic Azure networking concepts such as Azure Virtual WAN, virtual networks (VNets), subnets, network security groups (NSGs), route tables, user-defined routes (UDRs), ExpressRoute gateways, and Azure virtual network peering.
  • Intermediate-level experience with deploying and running an Azure VMware Solution private cloud, including networking that covers NSX-T Data Center T0/T1 gateways, NSX-T Data Center Edge, and Managed SNAT.
  • Intermediate-level experience with creating a network segment, creating a virtual machine (VM) in that segment, and testing internet connectivity from the VM.
  • Intermediate-level experience with creating either a custom or a third-party NVA on Azure, and with Border Gateway Protocol (BGP), Azure Route Server, and Azure Firewall.