Route internet traffic through azure firewall but use on-prem DNS

Beverhart 21 Reputation points
2022-08-18T13:52:31.897+00:00

So we have an ExpressRoute connection in our main VNet to on-prem. We have set up an Azure Firewall in a separate VNet and peered it to our main VNet. I created a route 0.0.0.0/0 pointing to the Firewall and verified that it's using that as its next hop for the internet. Doing that invalidated the ExpressRoute default routes that were added to the table. Is it possible for me to add a route to our on-prem subnet that uses the ExpressRoute as the next hop so we can use the DNS that is there?

Regards,

Ben


Accepted answer
Joe Carlyle 661 Reputation points MVP
2022-08-18T16:15:48.177+00:00

No, for ExpressRoute it is solely based on BGP and must be sourced from what you advertise to the circuit. There is slightly confusing documentation, as with a Route Table you can define a Virtual Network Gateway as the next hop, but this only works for a VNG of type VPN.

Here's the exact doc on ER route advertisement for the official word - https://learn.microsoft.com/en-us/azure/virtual-network/virtual-networks-udr-overview#border-gateway-protocol

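The selection rule behind the accepted answer is worth seeing end to end: Azure picks the longest matching prefix, and on a tie prefers a user-defined route over a BGP-learned one over a system route, and a UDR with next hop "Virtual Network Gateway" is honoured only for a VPN gateway. The script below is an added example, not code from the thread or from Microsoft; it simulates that evaluation over a constructed route table modelled on the question (VNet 10.10.0.0/16, firewall 10.20.0.4, on-prem 192.168.0.0/16 with a DNS server at 192.168.10.53, all made-up placeholders). It shows why the 0.0.0.0/0 UDR overrides the ExpressRoute default route while the more specific on-prem prefix learned over BGP still wins for DNS traffic, and it also models the "propagate gateway routes" switch, which, if turned off on the route table, drops every BGP-learned route and would send on-prem DNS queries to the firewall instead.

```python
"""Simulate Azure effective-route selection for a subnet that forces internet
traffic through Azure Firewall but must still reach on-prem DNS over ExpressRoute.

Added example with a constructed route table; every address used here is a
made-up placeholder, not taken from the question."""
import ipaddress
from dataclasses import dataclass
from typing import List, Optional

# Azure tie-break for routes with the same prefix length:
# user-defined route > BGP-learned route (via the gateway) > system default route.
SOURCE_PRIORITY = {"User": 0, "VirtualNetworkGateway": 1, "Default": 2}


@dataclass(frozen=True)
class Route:
    prefix: str            # CIDR, e.g. "0.0.0.0/0"
    source: str            # "User" (UDR), "VirtualNetworkGateway" (BGP over ER/VPN), "Default" (system)
    next_hop_type: str     # "Internet", "VirtualAppliance", "VirtualNetworkGateway", "VnetLocal"
    next_hop_ip: Optional[str] = None


def effective_routes(routes: List[Route], propagate_gateway_routes: bool = True) -> List[Route]:
    """Routes the subnet actually evaluates. Disabling gateway route propagation on
    the route table removes every BGP-learned route, including the on-prem prefixes."""
    if propagate_gateway_routes:
        return list(routes)
    return [r for r in routes if r.source != "VirtualNetworkGateway"]


def select_route(routes: List[Route], destination: str,
                 propagate_gateway_routes: bool = True) -> Optional[Route]:
    """Longest prefix match first, then source priority (the rule Azure applies)."""
    dst = ipaddress.ip_address(destination)
    matches = [r for r in effective_routes(routes, propagate_gateway_routes)
               if dst in ipaddress.ip_network(r.prefix)]
    if not matches:
        return None
    return min(matches, key=lambda r: (-ipaddress.ip_network(r.prefix).prefixlen,
                                       SOURCE_PRIORITY[r.source]))


def udr_to_gateway_is_honoured(gateway_type: str) -> bool:
    """A UDR whose next hop is 'VirtualNetworkGateway' only takes effect for a VPN
    gateway; the ExpressRoute path is decided purely by what BGP advertises."""
    return gateway_type == "Vpn"


# Constructed effective route table for a subnet in the hub VNet (10.10.0.0/16).
ROUTE_TABLE = [
    Route("10.10.0.0/16", "Default", "VnetLocal"),
    Route("0.0.0.0/0", "Default", "Internet"),
    # Learned over ExpressRoute via BGP: the on-prem range and an on-prem default route.
    Route("192.168.0.0/16", "VirtualNetworkGateway", "VirtualNetworkGateway"),
    Route("0.0.0.0/0", "VirtualNetworkGateway", "VirtualNetworkGateway"),
    # The UDR from the question: send internet-bound traffic to Azure Firewall.
    Route("0.0.0.0/0", "User", "VirtualAppliance", "10.20.0.4"),
]


def next_hop_for(destination: str, propagate: bool = True) -> str:
    """Return the next hop (IP for an appliance, otherwise the hop type) for a destination."""
    r = select_route(ROUTE_TABLE, destination, propagate)
    return "none" if r is None else (r.next_hop_ip or r.next_hop_type)


if __name__ == "__main__":
    for dst in ("203.0.113.10", "192.168.10.53", "10.10.1.5"):
        print(f"{dst:>14} -> {next_hop_for(dst)}")
    print("on-prem DNS with gateway propagation off ->",
          next_hop_for("192.168.10.53", propagate=False))
    print("UDR -> VNG honoured for ExpressRoute?", udr_to_gateway_is_honoured("ExpressRoute"))
```

Running it shows internet destinations going to 10.20.0.4, the on-prem DNS server going to the ExpressRoute gateway by virtue of the /16 BGP route, and the same DNS server falling through to the firewall once gateway route propagation is disabled. The practical check on a real subnet is the NIC's effective route table (for example `az network nic show-effective-route-table`), where the source column tells you whether the on-prem prefix is still present as a gateway-learned route.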
