allow inbound traffic in network security group in azure for a dynamic IP

Asked Aug 26 '21 at 16:19

Active Sep 09 '21 at 16:08

Viewed 993 times

We need to allow a platform traffic to reach our systems (as I know adding a static public IP in our network security group in azure), but they mention that they don't have a static public IP or a range of IPs to whitelist, but instead a static domain name

What I found in azure documentation and some questions is that filtering traffic based on FQDN is impossible for now in network security group resource !

Is there any other possibility to achieve this ?

The Azure firewall seems just working for outbound rules (as I understand from azure documentation)

Still waiting, help please !!

This is so wired, anyone was in the same situation before ??

edited Sep 09 '21 at 16:08

asked Aug 26 '21 at 16:19

Hamza AZIZ

2,582
1
9
18

1

It's not possible with NSG rules but you could use Azure Firewall to do that: https://learn.microsoft.com/lv-lv/azure/firewall/fqdn-filtering-network-rules. – Thomas Aug 26 '21 at 21:55
Yes I found this solution, but I don't want to change the security strategies, as we use a network security group to filter inbound traffic, is there an option to update the network security group depending on the IP resolved by the DNS in azure, or something like that ? – Hamza AZIZ Aug 29 '21 at 18:16

allow inbound traffic in network security group in azure for a dynamic IP

0 Answers0