Implement Azure Virtual Network NAT

45 minutes
  • 4 Learning Objectives

About this Hands-on Lab

This lab will start with a virtual machine with no public IP. Our task will be to enable outbound, public communication without relying on Azure Bastion. We will accomplish this task by creating a NAT gateway, associating it with our VM’s subnet, and verifying that the VM’s outbound IP is the same as our NAT gateway.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Log In to Private VM

Log in to the private VM via Azure Bastion, which is already set up, and verify the current outbound IP via command prompt. This IP is currently supplied by Azure Bastion. We will ultimately want our private VM’s IP to be supplied by a NAT gateway.

The command to check the external IP is:

dig +short
Create a NAT Gateway
  • Create a NAT gateway.
  • Create a new public IP address associated with the gateway.
Associate NAT Gateway with Subnet

Associate the NAT gateway with the subnet that contains our private VM.

Check Private VM’s New Public IP

We will run the same external IP check command to view the new external IP associated with the private VM. It should match the public IP of our NAT gateway. This will verify that NAT gateway has been properly configured.

Additional Resources

Lab Setup

Log in to the Azure portal using the credentials provided on the lab page. Be sure to use an incognito or private browser window to ensure you're using the lab account, rather than your own.

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?