Share via

Azure Basic Firewall Public IP Egress calls

Deepaklal-FT 86 Reputation points
2025-02-20T11:43:04.4666667+00:00

I have an azure basic firewall,

From one of my VM egress call happening to a URL(Which is whitelisted). I have around 12 Public IPs attached to Firewall. How do I verify from which Public IP the request landed in target(no access logs available in target with X-Forwarded-For).

Can I rely on Azure firewall logs? In my Azure firewall logs, Destination IP coming as blank. But source IP is showing as my VM Private IP. The URL which I am hitting also coming in the logs.

Azure Firewall
Azure Firewall
An Azure network security service that is used to protect Azure Virtual Network resources.
781 questions
Community Center | Not monitored
0 comments
Accepted answer
  1. Praveen Bandaru 5,520 Reputation points Microsoft External Staff Moderator
    2025-02-21T17:06:41.28+00:00

    Hello Deepaklal-FT

    Greetings!

    I understand that you are looking for the firewall's public IP in the logs. However, you will only find the private IP of the source in the logs section you will not get public IP.

    User's image

    If you need the public IP of the firewall, you need to login to the source VM. You can then check in the browser by searching "what is my IP" to get the information.

    Kindly check the below documents for more understanding:

    https://learn.microsoft.com/en-us/azure/firewall/basic-features#multiple-public-ip-addresses

    https://learn.microsoft.com/en-us/answers/questions/850707/azure-firewall-outbound-through-specific-public-ip

    Hope the above answer helps! Please let us know do you have any further queries.

    Please do consider to “up-vote” wherever the information provided helps you, this can be beneficial to other community members.

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Anonymous
    2025-02-20T18:28:18.74+00:00

    Hello Deepaklal,

    Thank you for reaching out to Q&A.

    When a resource, such as a Virtual Machine (VM), behind the Azure Basic Firewall initiates an outbound call, the traffic is Network Address Translated (NATed) to the Public IP of the firewall. Essentially, this means that the public IP address of the firewall is used as the source IP for all outbound connections. 

    The Azure Basic Firewall supports only one Public IP. If we require multiple public IPs or advanced features like SNAT policies, we might need to consider using the Azure Standard Firewall instead.
    https://learn.microsoft.com/en-us/azure/firewall/deploy-multi-public-ip-powershell

    Would like to understand more on how you are able to create multiple Public IP's with an Azure Basic firewall.
    If you find this information helpful, please do not forget to accept this answer.

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.