question

vamsikrishna-4603 avatar image
0 Votes"
vamsikrishna-4603 asked sakaldeep rolled back

Integrating App Service with NAT gateway to get static outbound IP


1-firstly I integrate VNET with APP service
2-to route traffic to VNet, I add WEBSITE_VNET_ROUTE_ALL with value 1 in App service settings.
3-I created NATgateway and attached it to the subnet
4-I also create a route and attached it to the subnet in that route I gave the address prefix as VNET address space and Next hop type I select virtual appliance and in Next hop address I add NAT gateway public IP

note: I used the below link for reference
https://sakaldeep.com.np/1159/azure-nat-gateway-and-web-app-vnet-integration-to-get-static-outbound-ip

after doing all above steps and I checked with below command I did.nt get NAT gateway IP as result.
az webapp show --resource-group <group_name> --name <app_name> --query outboundIpAddresses --output tsv

azure-webappsazure-webapps-vnet
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

AndriyBilous avatar image
0 Votes"
AndriyBilous answered AndriyBilous edited

Hello @vamsikrishna-4603
Using command az webapp show --resource-group <group_name> --name <app_name> --query outboundIpAddresses --output tsv you will only see the list of WebApp global outbound Ip addresses.
When you are connecting WebApp to VNET, VNET traffic is already NATed with last IP address from the subnet range.
For example WebApp is connected to VNET with subnet 10.0.0.0/24, so IP address of your WebApp will be 10.0.0.253


You can check WebApp outbound IP by making a request to WebApp in browser and see IP address of the response in Browser Console

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

sakaldeep avatar image
0 Votes"
sakaldeep answered sakaldeep edited

HI @vamsikrishna-4603,

Use below link
https://sakaldeep.com.np/1193/azure-web-app-nat-gateway-and-vnet-integration-to-get-static-outbound-ip

There are few catch like

  1. The feature requires an unused subnet that's a /28 or larger in an Azure Resource Manager VNet.

  2. App Service plan should be Standard or higher.

  3. There is no need to create Route.

To test it,

  1. Create two apps like an API and a landing website.

  2. Call API to the landing website.

  3. The landing website will get a response from API using NAT Gateway IP as an outbound IP.

Please let me know if it works for you. Happy to troubleshoot with you if it didn't work for you.






5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.