Merge pull request #291505 from vhorne/fw-mgt-nic

updates from abhinav

Author: prmerger-automator[bot]

articles/firewall/management-nic.md

@@ -12,13 +12,13 @@ ms.author: victorh
 # Azure Firewall Management NIC
 
 > [!NOTE]
-> This feature was previously called Forced Tunneling. Originally, a Management NIC was required only for Forced Tunneling. However, upcoming Firewall features will also require a Management NIC, so it has been decoupled from Forced Tunneling. All relevant documentation has been updated to reflect this.
+> This feature was previously called Forced Tunneling. Originally, a Management NIC was required only for Forced Tunneling. However, certain upcoming Firewall features will also require a Management NIC, so it has been decoupled from Forced Tunneling. All relevant documentation has been updated to reflect this.
 
-An Azure Firewall Management NIC separates firewall management traffic from customer traffic. Upcoming Firewall features will also require a Management NIC. To support any of these capabilities, you must create an Azure Firewall with the Firewall Management NIC enabled or enable it on an existing Azure Firewall. This is a mandatory requirement to avoid service disruption.
+An Azure Firewall Management NIC separates firewall management traffic from customer traffic. Certain upcoming Firewall features will also require a Management NIC. To support any of these capabilities, you must create an Azure Firewall with the Firewall Management NIC enabled or enable it on an existing Azure Firewall to avoid service disruption.
 
 ## What happens when you enable the Management NIC
 
-If you enable a Management NIC, the firewall routes its management traffic via the AzureFirewallManagementSubnet (minimum subnet size /26) with its associated public IP address. You assign this public IP address for the firewall to manage traffic. It's used exclusively by the Azure platform and can't be used for any other purpose. All traffic required for firewall operational purposes is incorporated into the AzureFirewallManagementSubnet. 
+If you enable a Management NIC, the firewall routes its management traffic via the AzureFirewallManagementSubnet (minimum subnet size /26) with its associated public IP address. You assign this public IP address for the firewall to manage traffic. All traffic required for firewall operational purposes is incorporated into the AzureFirewallManagementSubnet. 
 
 By default, the service associates a system-provided route table to the Management subnet. The only route allowed on this subnet is a default route to the Internet and *Propagate gateway routes* must be disabled. Avoid associating customer route tables to the Management subnet, as this can cause service disruptions if configured incorrectly. If you do associate a route table, then ensure it has a default route to the Internet to avoid service disruptions.
 
@@ -91,33 +91,33 @@ Now when you view the firewall in the Azure portal, you see the assigned Managem
 If you prefer to deploy a new Azure Firewall instead of the Stop/Start method, make sure to include a Management Subnet and Management NIC as part of your configuration.
 
 **Important Note**
-* **Single Firewall per Virtual Network (VNET)**: Since two firewalls cannot exist within the same virtual network, it is recommended to delete the old firewall before starting the new deployment if you plan to reuse the same VNET.
-* **Pre-create Subnet**: Ensure the **AzureFirewallManagementSubnet** is created in advance to avoid deployment issues when using an existing VNET.
+* **Single Firewall per Virtual Network (VNET)**: Since two firewalls can't exist within the same virtual network, it's recommended to delete the old firewall before starting the new deployment if you plan to reuse the same virtual network.
+* **Pre-create Subnet**: Ensure the **AzureFirewallManagementSubnet** is created in advance to avoid deployment issues when using an existing virtual network.
 
 **Prerequisites**
 * Create the **AzureFirewallManagementSubnet**:
     * Minimum subnet size: /26
     * Example: 10.0.1.0/26
 
 **Deployment Steps**
-1. Go to **Create a Resource** in the Azure Portal.
+1. Go to **Create a Resource** in the Azure portal.
 1.	Search for **Firewall** and select **Create**.
-1.	On the Create a Firewall page, configure the following:
+1.	On the Create a Firewall page, configure the following settings:
     * **Subscription**: Select your subscription.
     * **Resource Group**: Select or create a new resource group.
     * **Name**: Enter a name for the firewall.
     * **Region**: Choose your region.
     * **Firewall SKU**: Select Basic, Standard, or Premium.
     * **Virtual Network**: Create a new virtual network or use an existing one.
-         * Address space: e.g., 10.0.0.0/16
-         * Subnet for AzureFirewallSubnet: e.g., 10.0.0.0/26
+         * Address space: for example, 10.0.0.0/16
+         * Subnet for AzureFirewallSubnet: for example, 10.0.0.0/26
     * **Public IP Address**: Add new Public IP
-         * Name: e.g., FW-PIP
+         * Name: for example, FW-PIP
 1.	Firewall Management NIC
     * Select **Enable Firewall Management NIC**
-         * Subnet for AzureFirewallManagementSubnet: e.g., 10.0.1.0/24
-         * Create Management public IP address: e.g., Mgmt-PIP
-1.	Select **Review + Create** to validate and deploy the firewall. This will take a few minutes to deploy. 
+         * Subnet for AzureFirewallManagementSubnet: for example, 10.0.1.0/24
+         * Create Management public IP address: for example, Mgmt-PIP
+1.	Select **Review + Create** to validate and deploy the firewall. This takes a few minutes to deploy. 
 
 
 ## Related content