Routing External Subnets to Azure Firewall via NVA
Hi there,
In our current setup, we connect to the workload via ExpressRoute and VPN. Additionally, we plan to deploy an NVA firewall VM where the IPsec tunnel will terminate. The diagram below provides further details.
All production vNets have their default route pointing to the Azure Firewall. Some of the prefixes advertised through the VPN tunnel need to access the production network. Our plan is for the NVA firewall to route those external subnets through the Azure Firewall, as the production vNets already have a return default route in place. As these subnets are external, we cannot use UDRs to route the traffic. Could you advise on an option to advertise these subnets to the Azure Firewall?
Thank you in advance