You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/virtual-network/ip-services/default-outbound-access.md
+4-4Lines changed: 4 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -52,7 +52,7 @@ If you deploy a virtual machine in Azure and it doesn't have explicit outbound c
52
52
53
53
* Customers don't own the default outbound access IP. This IP may change, and any dependency on it could cause issues in the future.
54
54
55
-
## How can I disable default outbound access?
55
+
## How can I transition to an explicit method of public connectivity (and disable default outbound access)?
56
56
57
57
There are multiple ways to turn off default outbound access:
58
58
@@ -68,18 +68,18 @@ There are multiple ways to turn off default outbound access:
68
68
69
69
* Use Flexible orchestration mode for Virtual Machine Scale Sets.
70
70
71
-
* Flexible scale sets are secure by default. Any instances created via Flexible scale sets don't have the default outbound access IP associated with them. For more information, see [Flexible orchestration mode for Virtual Machine Scale Sets](../../virtual-machines/flexible-virtual-machine-scale-sets.md)
71
+
* Flexible scale sets are secure by default. Any instances created via Flexible scale sets don't have the default outbound access IP associated with them, so an explicit outbound method is required. For more information, see [Flexible orchestration mode for Virtual Machine Scale Sets](../../virtual-machines/flexible-virtual-machine-scale-sets.md)
72
72
73
73
>[!Important]
74
-
> When a backend pool is configured by IP address, it will use default outbound access due to an ongoing known issue. For secure by default configuration and applications with demanding outbound needs, associate a NAT gateway to the VMs in your load balancer's backend pool to secure traffic. See more on existing [known issues](../../load-balancer/whats-new.md#known-issues).
74
+
> When a load balancer backend pool is configured by IP address, it will use default outbound access due to an ongoing known issue. For secure by default configuration and applications with demanding outbound needs, associate a NAT gateway to the VMs in your load balancer's backend pool to secure traffic. See more on existing [known issues](../../load-balancer/whats-new.md#known-issues).
75
75
76
76
## If I need outbound access, what is the recommended way?
77
77
78
78
NAT gateway is the recommended approach to have explicit outbound connectivity. A firewall can also be used to provide this access.
79
79
80
80
## Constraints
81
81
82
-
*Connectivity maybe needed for Windows Updates.
82
+
*Public connectivity is required for Windows Activation and Windows Updates. It is recommended to set up an explicit form of public outbound connectivity.
83
83
84
84
* Default outbound access IP doesn't support fragmented packets.
0 commit comments