Skip to content

Commit 756bc46

Browse files
JackStrombergJackStromberg
authored
internet examples
internet examples
1 parent 20fbe77 commit 756bc46

File tree

1 file changed

+6
-0
lines changed

1 file changed

+6
-0
lines changed

articles/application-gateway/application-gateway-private-deployment.md

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -219,6 +219,12 @@ Virtual Network NAT offers control over what IP address or prefix should be used
219219

220220
If a virtual appliance is required for internet egress, see the [route table control](#route-table-control) section in this document for more information.
221221

222+
Common scenarios where public IP usage is required:
223+
- Communication to key vault without use of private endpoints or service endpoints
224+
- Outbound communication is not required for pfx files uploaded to Application Gateway directly
225+
- Communication to backend targets via internet
226+
- Communication to internet facing CRL or OCSP endpoints
227+
222228
## Network Security Group Control
223229

224230
Network security groups associated to an Application Gateway subnet no longer require inbound rules for GatewayManager, and they don't require outbound access to the Internet. The only required rule is **Allow inbound from AzureLoadBalancer** to ensure health probes can reach the gateway.

0 commit comments

Comments
 (0)