What are DNAT rules on Azure Firewall?

Experience Level: Junior
Tags: Azure CloudAzure Firewall

Answer

DNAT is an abbreviation for Destination Network Address Translation.
You can configure Azure Firewall Destination Network Address Translation (DNAT) to translate and filter inbound Internet traffic to your subnets. When you configure DNAT, the NAT rule collection action is set to Dnat. Each rule in the NAT rule collection can then be used to translate your firewall public IP address and port to a private IP address and port. DNAT rules implicitly add a corresponding network rule to allow the translated traffic. For security reasons, the recommended approach is to add a specific Internet source to allow DNAT access to the network and avoid using wildcards.

DNAT rules allow or deny inbound traffic through the firewall public IP address(es). You can use a DNAT rule when you want a public IP address to be translated into a private IP address. The Azure Firewall public IP addresses can be used to listen to inbound traffic from the Internet, filter the traffic and translate this traffic to internal resources in Azure.
Related Azure Cloud job interview questions

Comments

No Comments Yet.
Be the first to tell us what you think.
AZ-700 Designing and Implementing Microsoft Azure Networking Solutions preparation
AZ-700 Designing and Implementing Microsoft Azure Networking Solutions preparation

Are you learning Azure Cloud ? Try our test we designed to help you progress faster.

Test yourself
Azure Firewall
Azure Firewall

Are you learning Azure Cloud ? Try our test we designed to help you progress faster.

Test yourself