Hello,
I've been using Azure for a while, but it's mostly App Services and VMs where the default created Networks have been fine for what I've been doing. I've now created a little problem where my lack of Azure Network knowledge has me stumped. I'm still trying to learn as much as I can about it and trying to solve this issue myself, but I've got a time constraint and so I'm reaching out for help.
I have a Linux VM as a Router/Nginx reverse proxy. It has a public IP address (let's say 20.31.101.82) on a network interface on a 10.0.0.0/24 subnet. It has a private IP of 10.0.0.4.
This VM has another network interface on a 10.0.10.0/24 subnet with a private IP of 10.0.10.10.
The VM has port forwarding set up in the OS and configured in Azure.
On the 10.0.10.0/24 subnet I have a webserver. Simple Apache site.
What works is: I can SSH to 20.31.101.82 on port 6100 and the VM router gets me to the webserver and it's all good.
I can point DNS records to 20.31.101.82 and the Nginx proxy will send them to the correct server (I have 2 at the moment, but there will be more).
I want to do this so I can have Let's Encrypt manage all of my SSL certificates on the Nginx proxy.
What I can't work out how to do is get the traffic from the servers on the 10.0.10.0/24 subnet out through the public IP 20.31.101.82. What I mean by that is, if I'm on the Apache webserver and use the dig command to work out my public IP, I get one that I assume is attached to the private subnet and not 20.31.101.82.
In an environment where I control all of the network, I'd set the default gateway on the Apache server to be 10.0.0.4 (the IP of the Nginx proxy router).
I've tried to do this with routes. There are no firewall rules on the servers on the 10.0.10.0/24 subnet. I'm not getting anywhere.
Have I approached this all wrong? Should I be using a different Azure service?
Thanks for any help,
David