I have created the following Vnets
vnet-hub-poc-hubspoke
is the Hub Vnet
and both the Vnets are peered as per the
HUB-SPOKE
model
vnet-hub-poc-hubspoke
being a Hub Vnet, it hasAzure firewall
configured
both the Vnets are connected to
Azure Private DNS
Azure Private DNS
has a record pointing to the VM deployed on thevnet-prod-poc-hubspoke
Vnet
and I could access the FQDN
within the internal network
after adding the below rule in Azure Firewall
, I could access the website using the firewall public IP
Now, instead of firewall public IP
I want to use the domain name like
http://myfirstweb.private.landingzonedomain.com/ (for now, I have updated the hosts file in the client machine pointing to
firewall public IP
)
what should I do at the azure firewall level so that it would translate Internet URL to Internal/Intranet URL like
What you want is not possible, because you cannot assign a domain name to your Azure Firewall. What you could do is to create a DNS record at a domain name provider that translates a custom domain to your Azure firewall public IP.
Although I have seen people routing inbound traffic in their vnet, Azure firewall is mainly designed for controlling outbound traffic and traffic flowing between (peered) vnets. When you want to direct inbound traffic to a website or service inside your vnet, you can choose between:
All the options above allow you to add custom domains and certificates. On the other hand, when you want to access a virtual machine through rdp or ssh, your main options are: