Azure VM in NAT-less Environment

MikeShev-TheNetWorks LLC 1 Reputation point
2021-02-24T21:24:35.713+00:00

Hard problem, I'm stuck on...

I'm deploying an application in an Azure VM (Ubuntu). When the standard (for this application) was developed folks never considered running this in an environment where the server was behind a NAT. The writers confirm - yes that is broken! So the question is (short of changing the standard):

What options are there for running this app/server in an Azure environment - without NAT?

Some ideas I've had:

  1. Bypass or disable the NAT for this VM
  2. Assign a static public IP to the VM (again how to bypass the NAT)
  3. Build a DMZ for the server and deploy there

Would appreciate any recommendations, insights or crazy ideas - Thanks!

Azure Firewall
Azure Firewall
An Azure network security service that is used to protect Azure Virtual Network resources.
589 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. SaiKishor-MSFT 17,216 Reputation points
    2021-02-25T19:55:37.467+00:00

    @MikeShev-TheNetWorks LLC There is noway to have a VM in Azure without natting. However, most scenarios do work even with nat. Could you elaborate on your use case to understand better?

    0 comments No comments

  2. MikeShev-TheNetWorks LLC 1 Reputation point
    2021-02-25T22:21:08.557+00:00

    Yes. thanks for asking! I'm building and "attempting" to run the open source code to RFC:4656
    https://tools.ietf.org/html/rfc4656
    After spending "countless" hours I came across this resource which stated this can never run behind a NAT:
    https://github.com/perfsonar/owamp/issues/49

    So I kind of left it at that. But like you, I think there has got to be a way to do this. But I just don't know enough about the Azure NAT to even start guessing on what else to try. I've opened every port it could conceivably use and still no luck.

    This works great on any two machines on my network where they are are all behind a NAT. But the real target is to host in Azure.

    Thanks again. All crazy ideas accepted. :)

    0 comments No comments