change BGP route probagation

vhorne · vhorne · commit 4672bd0b47d8 · 2020-02-13T12:54:27.000-08:00
diff --git a/articles/firewall/forced-tunneling.md b/articles/firewall/forced-tunneling.md
@@ -25,7 +25,7 @@ have a default route not going directly to the Internet are disabled.
 
 To support forced tunneling, service management traffic is separated from customer traffic. An additional dedicated subnet named *AzureFirewallManagementSubnet* is required with its own associated public IP address. The only route allowed on this subnet is a default route to the Internet, and BGP route propagation must be disabled.
 
-If you have a default route advertised via BGP to force traffic to on-premises, you must create the *AzureFirewallSubnet* and *AzureFirewallManagementSubnet* before deploying your firewall and have UDR with a default route to the Internet, and BGP route propagation disabled.
+If you have a default route advertised via BGP to force traffic to on-premises, you must create the *AzureFirewallSubnet* and *AzureFirewallManagementSubnet* before deploying your firewall and have a UDR with a default route to the Internet, and Virtual network gateway route propagation disabled.
 
 Within this configuration, the *AzureFirewallSubnet* can now include routes to any on-premise firewall or NVA to process traffic before it's passed to the Internet. You can also publish these routes via BGP to *AzureFirewallSubnet* if Virtual network gateway route propagation is enabled on this subnet.
 
