Azure Firewall DNAT

Adekunle Deen 21 Reputation points


I'm working on configuring Azure firewall for my virtual machines. I created a DNAT rule that allows RDP to one of my VMs, and it works perfectly. However, I discovered that adding a second DNAT rule to allow RDP to a different VM didn't work because I can only RDP to the first VM.

This means that my Azure firewall's public IP can only translate one private IP. I'm curious if this is by design or if my config is incorrect.


2 answers

  1. Takahito Iwasa 4,641 Reputation points MVP

    Hi, @Adekunle Deen

    The rule must be tied to a particular VM using a combination of destination address and destination port to determine the destination.

    You can control the connection destination by customizing the destination port as follows.


  2. Rishabh mishra 156 Reputation points

    Hi @Adekunle Deen

    I would suggest you choose a different translated port; instead of using 3389, try 3390.

    Let me know if this works.
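
The point made in the first answer, that a DNAT rule is selected by the combination of destination address and destination port, can be checked against a rule set before deploying it. The following is an added example, not code from either answer or from Azure: it is a simplified model that assumes first-match evaluation and ignores source addresses and collection priorities, and all rule names and IP addresses are constructed.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class DnatRule:
    name: str
    protocol: str
    dest_ip: str         # firewall public IP the client connects to
    dest_port: int       # port the client connects to
    translated_ip: str   # private IP of the target VM
    translated_port: int

def match_key(protocol, dest_ip, dest_port):
    return (protocol.upper(), dest_ip, dest_port)

def find_shadowed(rules):
    """Return (shadowed_rule, winning_rule) name pairs for rules that can never match."""
    seen, shadowed = {}, []
    for r in rules:
        key = match_key(r.protocol, r.dest_ip, r.dest_port)
        if key in seen:
            shadowed.append((r.name, seen[key].name))
        else:
            seen[key] = r
    return shadowed

def translate(rules, protocol, dest_ip, dest_port):
    """Return (translated_ip, translated_port) of the first matching rule, or None."""
    for r in rules:
        if match_key(r.protocol, r.dest_ip, r.dest_port) == match_key(protocol, dest_ip, dest_port):
            return (r.translated_ip, r.translated_port)
    return None

FW_IP = "203.0.113.10"  # constructed public IP (documentation range)

# Both rules share the same destination address and port: the second is unreachable.
BROKEN = [
    DnatRule("rdp-vm1", "TCP", FW_IP, 3389, "10.0.1.4", 3389),
    DnatRule("rdp-vm2", "TCP", FW_IP, 3389, "10.0.1.5", 3389),
]
# A distinct destination port per VM makes each rule's match key unique.
FIXED = [
    DnatRule("rdp-vm1", "TCP", FW_IP, 3389, "10.0.1.4", 3389),
    DnatRule("rdp-vm2", "TCP", FW_IP, 3390, "10.0.1.5", 3389),
]

if __name__ == "__main__":
    for label, rules in (("broken", BROKEN), ("fixed", FIXED)):
        print(label, "shadowed:", find_shadowed(rules))
        for port in (3389, 3390):
            print(f"  {FW_IP}:{port} ->", translate(rules, "TCP", FW_IP, port))
```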