0

My company has opened very specific IP ranges against 3389 port. So I want to get my VM public IP under those IP ranges. Azure public IP values are coming from azure and we can't choose it. So question is that can we restrict the range of public IP coming from Azure?

We can restrict private IP range using subnet / address space properties of virtual network e.g. (23.96.0.0/27- Host Address Range -23.96.0.1 - 23.96.0.30). But these properties haven't any impact to public IP what has assigned.

Any suggestions?

Jaish Mathews
  • 766
  • 1
  • 9
  • 25

1 Answers1

0

This is not possible, closest you can get - create a public ip and set it to static and allow it on firewall. It will never change.

The ips you assigned to the Vnet are for Vnet internal addresses, not external. You cannot control which external Ip you will get (when creating it).

4c74356b41
  • 69,186
  • 6
  • 100
  • 141
  • Thanks for the confirmation. Is there any possibility to route my approved firewall IP to any actual public azure IP assigned? Anything like that possible to define under VM? – Jaish Mathews Feb 14 '18 at 18:33
  • I dont think its possible (i'm hesitant because I dont think I exactly understand the question) – 4c74356b41 Feb 14 '18 at 18:41
  • Thanks for your time. For classic VM(ASM), we have an end point option, where target and destination ports can be mentioned. So if ur company has only 443 port opened for tcp, we can map 443 to 3389 inside azure VM endpoint setting. This is calling port routing. Same way any is there any IP routing available in ARM based VM ? – Jaish Mathews Feb 14 '18 at 19:08
  • you would need a [load balancer](https://learn.microsoft.com/en-us/azure/load-balancer/load-balancer-overview) for that. – 4c74356b41 Feb 14 '18 at 19:14