Hello @Jesus Reyes ,
Welcome to Microsoft Q&A Platform. Thank you for reaching out & hope you are doing well.
I understand that you would like to know how to redirect the traffic of a VM in Azure so that it leaves through the IP of your on-premises infrastructure.
You can configure forced tunneling for the subnet where this Azure VM is deployed or your whole Azure VNet depending upon your requirement.
Forced tunneling lets you redirect or "force" all Internet-bound traffic back to your on-premises location via a Site-to-Site VPN tunnel for inspection and auditing. If you don't configure forced tunneling, Internet-bound traffic from your VMs in Azure always traverses from the Azure network infrastructure directly out to the Internet, without the option to allow you to inspect or audit the traffic.
Forced tunneling must be associated with a VNet that has a route-based VPN gateway. Your forced tunneling configuration will override the default route for any subnet in its VNet.
With a split tunneling type, you can redirect all the traffic for specific subnets directly to on-premises, while other subnets continue to have direct Internet access without redirection.
This allows you to restrict and inspect Internet access from your virtual machines or cloud services in Azure, while continuing to enable the multi-tier service architecture you require.
If there are no Internet-facing workloads in your virtual networks, you also can apply forced tunneling to the entire virtual networks.
Refer: https://learn.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-forced-tunneling-rm
Forced tunneling in Azure is configured using virtual network custom user-defined routes. Redirecting traffic to an on-premises site is expressed as a Default Route to the Azure VPN gateway.
Refer: https://learn.microsoft.com/en-us/azure/virtual-network/virtual-networks-udr-overview#user-defined
You need to create a route table and add a route with the below values and assign it to the Azure VM subnet whose traffic needs to be redirected to your on-premises:
- Destination address prefix: 0.0.0.0/0
- Next hop type: Virtual network gateway
Refer: https://learn.microsoft.com/en-us/azure/virtual-network/manage-route-table#create-a-route-table
Then you need to configure your on-premises router/firewall to handle this traffic as per your requirement. You can either block it or allow it to the Internet.
Kindly let us know if the above helps or you need further assistance on this issue.
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
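
The following is an added example, not part of the original answer and not Microsoft's code: a small audit of a route table exported as JSON, confirming that the 0.0.0.0/0 route to the virtual network gateway exists, that the table is associated with the VM subnet, and that no more-specific route with next hop Internet bypasses the tunnel (this goes slightly beyond the answer, since Azure picks routes by longest prefix match). It assumes the field names printed by `az network route-table show -o json`; the function name, resource names and sample data are constructed.

```python
import ipaddress

DEFAULT_V4 = ipaddress.ip_network("0.0.0.0/0")

# Constructed sample, in the shape assumed for `az network route-table show -o json`.
SAMPLE_ROUTE_TABLE = {
    "name": "rt-forced-tunnel",
    "routes": [
        {"name": "default-to-onprem", "addressPrefix": "0.0.0.0/0",
         "nextHopType": "VirtualNetworkGateway"},
        {"name": "updates-direct", "addressPrefix": "203.0.113.0/24",
         "nextHopType": "Internet"},
    ],
    "subnets": [{"id": "/subscriptions/<sub-id>/resourceGroups/rg-demo/providers/"
                       "Microsoft.Network/virtualNetworks/vnet-demo/subnets/snet-vm"}],
}

def audit_forced_tunnel(route_table, subnet_name):
    """Return a list of findings; an empty list means the subnet is force-tunneled."""
    findings = []
    default_hops = []
    for route in route_table.get("routes") or []:
        name = route.get("name", "<unnamed>")
        prefix = route.get("addressPrefix", "")
        hop = route.get("nextHopType", "")
        try:
            net = ipaddress.ip_network(prefix, strict=False)
        except ValueError:
            # Not a CIDR block: treat it as a service tag used as the prefix.
            if hop == "Internet":
                findings.append(f"route '{name}': service tag '{prefix}' goes direct to Internet")
            continue
        if net == DEFAULT_V4:
            default_hops.append(hop)
        elif hop == "Internet":
            # More specific than 0.0.0.0/0, so it wins over the forced-tunnel route.
            findings.append(f"route '{name}': {net} goes direct to Internet")
    if "VirtualNetworkGateway" not in default_hops:
        findings.append("no 0.0.0.0/0 route with next hop VirtualNetworkGateway")
    # The subnet name is the last segment of each associated subnet's resource ID.
    attached = {(s.get("id") or "").rsplit("/", 1)[-1].lower()
                for s in route_table.get("subnets") or []}
    if subnet_name.lower() not in attached:
        findings.append(f"route table is not associated with subnet '{subnet_name}'")
    return findings

if __name__ == "__main__":
    for finding in audit_forced_tunnel(SAMPLE_ROUTE_TABLE, "snet-vm"):
        print("FINDING:", finding)
```
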