Is my Public IP unique? (NAT Gateway)

Thomas Ellebæk 21 Reputation points
2022-09-23T11:46:43.643+00:00

I'm creating a NAT Gateway to control the Outbound IP for a set of Applications. For integration purposes I need my IP to be white-listed at a third party (yes, they can only white-list on IP and not on domain name), but they will only allow this if I can document that my Outbound IP is unique to me and not "reused" by someone else.

I'm new to this and I've done my best to find answers to this question elsewhere. Answers much appreciated, but please explain yourself a bit more than you would otherwise do since I'm new to this network and security lingo.

A reference to Azure documentation would be perfect. Thanks!

Azure Virtual Network

Accepted answer
  1. GitaraniSharma-MSFT 48,096 Reputation points Microsoft Employee
    2022-09-23T13:41:39.64+00:00

    Hello @ThomasEllebk-0155 ,

    Welcome to Microsoft Q&A Platform. Thank you for reaching out & hope you are doing well.

    I understand that you would like to white-list your Azure NAT gateway Public IP address at a third party and want to know if it is dedicated to you.

    NAT gateway is compatible with standard SKU public IP addresses or public IP prefix resources or a combination of both. When Virtual Network NAT is configured on a subnet, all outbound connectivity uses your specified static public IP address(es).

    Refer : https://learn.microsoft.com/en-us/azure/virtual-network/nat-gateway/nat-overview#nat-gateway-and-basic-sku-resources
    https://learn.microsoft.com/en-us/azure/virtual-network/nat-gateway/faq

    Azure Public IP address is a resource that has its own properties and is dedicated to the assigned resource, until it's unassigned by you. And since NAT gateway uses a Standard SKU public IP address which is static by default, the resource is assigned an IP address at the time it's created and is only released when the resource is deleted. So, unless you unassign/delete the Standard Public IP address associated to the NAT gateway, the IP address will remain dedicated to your NAT gateway and cannot be re-used by others.

    Refer : https://learn.microsoft.com/en-us/azure/virtual-network/ip-services/public-ip-addresses
    https://learn.microsoft.com/en-us/azure/virtual-network/ip-services/public-ip-addresses#ip-address-assignment

    If the third party requirement is customer owned Public IP address, then you can also use public IP prefixes and addresses derived from custom IP prefixes (BYOIP) with your NAT gateway resource.
    Refer : https://learn.microsoft.com/en-us/azure/virtual-network/ip-services/custom-ip-address-prefix

    Kindly let us know if the above helps or you need further assistance on this issue.

    ----------------------------------------------------------------------------------------------------------------

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
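
The check below is an added example, not part of the answer above or of Microsoft's documentation: it confirms that every public IP attached to a NAT gateway is Standard SKU with Static allocation, and compares the attached addresses with the set the third party has allow-listed. The JSON is constructed sample data assumed to follow the shape of `az network nat gateway show` and `az network public-ip list` output; all names, IDs and addresses are made up.

```python
import json

# Constructed sample shaped like `az network nat gateway show` output.
NAT_GW = json.loads("""{
  "name": "example-natgw",
  "subnets": [{"id": "/subscriptions/0000/example/subnets/apps"}],
  "publicIpPrefixes": [],
  "publicIpAddresses": [{"id": "/subscriptions/0000/example/publicIPAddresses/egress-1"}]
}""")

# Constructed sample shaped like `az network public-ip list` output.
PUBLIC_IPS = json.loads("""[{
  "id": "/subscriptions/0000/example/publicIPAddresses/egress-1",
  "name": "egress-1", "ipAddress": "203.0.113.10",
  "publicIPAllocationMethod": "Static", "sku": {"name": "Standard"}
}]""")

def egress_report(nat_gw, public_ips, allowlisted):
    """Return (attached_addresses, findings) for one NAT gateway."""
    by_id = {p["id"].lower(): p for p in public_ips}
    attached, findings = [], []
    if not nat_gw.get("subnets"):
        findings.append("NAT gateway is not associated with any subnet")
    if nat_gw.get("publicIpPrefixes"):
        findings.append("public IP prefixes attached: check their ranges separately")
    for ref in nat_gw.get("publicIpAddresses") or []:
        pip = by_id.get(ref["id"].lower())
        if pip is None:
            findings.append(f"{ref['id']}: not in the public IP list")
            continue
        if (pip.get("sku") or {}).get("name") != "Standard":
            findings.append(f"{pip['name']}: SKU is not Standard")
        if pip.get("publicIPAllocationMethod") != "Static":
            findings.append(f"{pip['name']}: allocation method is not Static")
        if pip.get("ipAddress"):
            attached.append(pip["ipAddress"])
    for ip in sorted(set(attached) - set(allowlisted)):
        findings.append(f"{ip}: attached but not allow-listed by the third party")
    # An address whose resource was deleted is released; ask for its removal.
    for ip in sorted(set(allowlisted) - set(attached)):
        findings.append(f"{ip}: allow-listed but no longer attached (stale entry)")
    return attached, findings

if __name__ == "__main__":
    ips, issues = egress_report(NAT_GW, PUBLIC_IPS, {"203.0.113.10", "198.51.100.7"})
    print("egress IPs:", ips)
    for issue in issues:
        print("FINDING:", issue)
```

A stale entry is the case to act on first: once a public IP resource is deleted its address is released, so the third party should drop it from their allow-list.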
