This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(227.2, 24%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EML%3C/text%3E%3C/svg%3E)
In the chapter "Isolation and segmentation" is mentioned the following 2 sentences:
"When you set up a virtual network, you define a private IP address space by using either public or private IP address ranges. The IP range only exists within the virtual network and isn't internet routable."
This I do not understand.
Can I define a public IP adress range on a VNET and it stays "internally" and traffic is not (per default) communicating with the internet so that it does not conflict with a public IP that is existing?
And second: Am I also right that if Internet Access is required then I must establish the appropriate Firewallrules?
Thanks for your question and apologies for the delayed response. Yes, you can choose public or private IP addresses when creating your VNET. Whether you define the address range as public or private, the address range is reachable only from within the virtual network, from interconnected virtual networks, and from any on-premises networks that you've connected to the virtual network.
While it is possible to use public IP addresses, we recommend that you use the address ranges enumerated in RFC 1918, which have been set aside by the IETF for private, non-routable address spaces:
Firewall rules are not required for outbound access on your VNET, however you will need to have the appropriate Network Security Group configured to allow the access. By default Virtual machines created in a virtual network without explicit outbound connectivity defined are assigned a default outbound public IP address. This IP address enables outbound connectivity from the resources to the Internet. This access is referred to as default outbound access.
Hope this answers your question! Let us know if you need further clarification and we will be happy to help!
Please don’t forget to "Accept the answer" wherever the information provided helps you, this can be beneficial to other community members.