Azure VM extension

Mohammed Thahif BK 291 Reputation points


Just wanted to know is Azure VM Extensions such as MDE, disk encryption etc are supported on NVAs? The firewall image deployed from marketplace?

Also, we have force tunneled all the Internet traffic through NVA in central hub. For extension to work properly, does it requires any outbound connection to any set of urls or IPs? (I somewhere read outbound to wire Ip is required). please confirm.


Azure Virtual Machines
Azure Virtual Machines
An Azure service that is used to provision Windows and Linux virtual machines.
4,596 questions
No comments
{count} votes

Accepted answer
  1. srbhatta-MSFT 8,351 Reputation points Microsoft Employee

    Hello @Mohammed Thahif BK ,
    Thanks for reaching out to Microsoft QnA. Happy to answer your question.
    Yes, as far as I know, azure extensions are indeed supported on NVAs because ultimately NVAs are also VMs.
    Regarding your second question, yes for the extensions to work properly, the VM agent should be reachable (which means the VM agent should be in 'Ready' state). This can only be possible if the outbound connectivity to the VM agent is open. So, you have to allow outbound connectivity to Microsoft owned IP address - This IP is often referred to as the wire server IP.
    Please refer to this document for additional information- what-is-ip-address-168-63-129-16.

    I hope this helps. For any queries, feel free to reach back.


    Please accept as answer and upvote if the information provided is helpful.

    No comments

0 additional answers

Sort by: Most helpful