Skip to content

Commit 93c1500

Browse files
author
Tanu Balla
authored
update dns guidance
1 parent d6871a8 commit 93c1500

File tree

1 file changed

+4
-7
lines changed

1 file changed

+4
-7
lines changed

articles/bastion/bastion-faq.md

Lines changed: 4 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -29,18 +29,15 @@ Azure Bastion doesn't move or store customer data out of the region it's deploye
2929

3030
### Can I use Azure Bastion with Azure Private DNS Zones?
3131

32-
Azure Bastion needs to be able to communicate with certain internal endpoints to successfully connect to target resources. Therefore, you *can* use Azure Bastion with Azure Private DNS Zones as long as the zone name you select doesn't overlap with the naming of these internal endpoints. Before you deploy your Azure Bastion resource, please make sure that the host virtual network isn't linked to a private DNS zone with the following *in* the name:
32+
Azure Bastion needs to be able to communicate with certain internal endpoints to successfully connect to target resources. Therefore, you *can* use Azure Bastion with Azure Private DNS Zones as long as the zone name you select doesn't overlap with the naming of these internal endpoints. Before you deploy your Azure Bastion resource, please make sure that the host virtual network is not linked to a private DNS zone with the following exact names:
3333

3434
* blob.core.windows.net
35-
* vault.azure.net
36-
37-
If you are using a Private endpoint integrated Azure Private DNS Zone, the [recommended DNS zone name](../private-link/private-endpoint-dns.md#azure-services-dns-zone-configuration) for several Azure services overlap with the names listed above. The use of Azure Bastion *is not* supported with these setups.
38-
39-
In addition, please make sure that the host network isn't linked to a private DNS zone with the following exact names:
40-
35+
* vault.azure.com
4136
* core.windows.net
4237
* azure.com
4338

39+
You may use a private DNS zone ending with one of the names listed above (ex: dummy.blob.core.windows.net) as long as it is not one of the recommended DNS zone names for an Azure service listed [here](../private-link/private-endpoint-dns.md#azure-services-dns-zone-configuration).
40+
4441
The use of Azure Bastion is also not supported with Azure Private DNS Zones in national clouds.
4542

4643
### <a name="subnet"></a>Can I have an Azure Bastion subnet of size /27 or smaller (/28, /29, etc.)?

0 commit comments

Comments
 (0)