Merge pull request #232936 from GitaraniSharma-MSFT/patch-76

prmerger-automator[bot] · web-flow · commit 2d714075b13c · 2023-03-31T09:30:36.000Z
(AzureCXP) MicrosoftDocs/azure-docs#107366
diff --git a/articles/private-link/disable-private-endpoint-network-policy.md b/articles/private-link/disable-private-endpoint-network-policy.md
@@ -18,7 +18,10 @@ By default, network policies are disabled for a subnet in a virtual network. To
 
 Network policies can be enabled either for Network Security Groups only, for User-Defined Routes only, or for both.
 
-If you enable network security policies for User-Defined Routes, the /32 routes that are generated by the private endpoint and propagated to all the subnets in its own VNet and directly peered VNets will be invalidated if you have User-Defined Routing, which is useful if you want all traffic (including traffic addressed to the private endpoint) to go through a firewall, since otherwise the /32 route would bypass any other route.
+If you enable network security policies for User-Defined Routes, the /32 routes that are generated by the private endpoint and propagated to all the subnets in its own VNet and directly peered VNets will be invalidated if you have User-Defined Routing, which is useful if you want all traffic (including traffic addressed to the private endpoint) to go through a firewall, since otherwise the /32 route would bypass any other route. 
+
+> [!NOTE]
+> Unless you configure a UDR, the Private Endpoint Route of /32 will remain active. And for the UDR to work on all private endpoints within the subnet, you need to enable PrivateEndpointNetworkPolicies.
 
 You can use the following to enable or disable the setting:
 
