You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/private-link/plsnat-how-to-draft.md
+8-8Lines changed: 8 additions & 8 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -5,21 +5,21 @@ author: abell
5
5
ms.author: abell
6
6
ms.service: azure-private-link
7
7
ms.topic: how-to #Don't change
8
-
ms.date: 02/05/2025
8
+
ms.date: 02/19/2025
9
9
10
10
#customer intent: As a network administrator, I want to disable SNAT requirement for private endpoint traffic through NVA so that I can ensure symmetric routing and comply with internal logging standards.
11
11
12
12
---
13
13
14
14
# How to Guide: Disable SNAT requirement for Private Endpoint Traffic through NVA
15
15
16
-
Source network address translation (SNAT) is no longer required for private endpoint destined traffic passing through a network virtual appliance (NVA). You can now configure a tag on your NVA VMs to notify the Microsoft platform that you wish to opt into this feature. This means SNATing will no longer be necessary for private endpoint destined traffic traversing through your NVA.
16
+
Source network address translation (SNAT) is no longer required for private endpoint destined traffic passing through a network virtual appliance (NVA). You can now configure a tag on your NVA VMs to notify the Microsoft platform that you wish to opt into this feature. This means SNATing is no longer be necessary for private endpoint destined traffic traversing through your NVA.
17
17
18
-
Enabling this feature provides a more streamlined experience for guaranteeing symmetric routing without impacting non-private endpoint traffic. It also allows you to follow internal compliance standards where the source of traffic origination needs to be available during logging. This feature is available in all regions.
18
+
Enabling this feature provides a more streamlined experience for guaranteeing symmetric routing without affecting nonprivate endpoint traffic. It also allows you to follow internal compliance standards where the source of traffic origination needs to be available during logging. This feature is available in all regions.
19
19
20
20
21
21
> [!NOTE]
22
-
> Disabling SNAT for private endpoint traffic passing through a Network Virtual Appliance (NVA) will cause a one-time reset of all long-running private endpoint connections established through the NVA. To minimize disruption, it is recommended to configure this feature during a maintenance window. This update will only impact traffic passing through your NVA; private endpoint traffic that bypasses the NVA will not be affected.
22
+
> Disabling SNAT for private endpoint traffic passing through a Network Virtual Appliance (NVA) causes a one-time reset of all long-running private endpoint connections established through the NVA. To minimize disruption, it's recommended to configure this feature during a maintenance window. This update will only affect traffic passing through your NVA; private endpoint traffic that bypasses the NVA won't be affected.
23
23
24
24
25
25
## Prerequisites
@@ -31,7 +31,7 @@ Enabling this feature provides a more streamlined experience for guaranteeing sy
31
31
32
32
### Disable SNAT requirement for Private Endpoint Traffic through NVA
33
33
34
-
The type of NVA you are using will determine how to disable SNAT for private endpoint traffic passing through the NVA. For the virtual machine you will add a tag on the NIC while on the VMSS you will enable the tag on the VM instance.
34
+
The type of NVA you're using determines how to disable SNAT for private endpoint traffic passing through the NVA. For the virtual machine, you add a tag on the Network interface (NIC). On the virtual machine scale set (VMSS) you enable the tag on the VMSS instance.
35
35
36
36
#### Add Tag to your VM NIC
37
37
@@ -41,7 +41,7 @@ The type of NVA you are using will determine how to disable SNAT for private end
41
41
1. In the search bar at the top, type "Virtual machines" and select it from the services.
42
42
1. From the list of VMs, select your virtual machine.
43
43
1. In the left navigation pane under **Settings**, select **Networking**, then select **Network settings**.
44
-
1. Under the **Network Interface** section, click on the NIC name. Now you are in the Network interface blade.
44
+
1. Under the **Network Interface** section, select on the NIC name. Now you are in the Network interface pane.
45
45
1. In the left navigation pane under **Overview**, select **Tags**.
46
46
1. Add a new tag with the following details:
47
47
@@ -53,7 +53,7 @@ The type of NVA you are using will determine how to disable SNAT for private end
53
53
1. Select **Apply** to save the tag.
54
54
55
55
> [!NOTE]
56
-
> The tag is case-sensitive. Ensure you enter it exactly as shown above.
56
+
> The tag is case-sensitive. Ensure you enter it exactly as shown.
57
57
58
58
# [**PowerShell**](#tab/vm-nic-powershell)
59
59
@@ -118,7 +118,7 @@ Verify the tag is present in the VM's NIC settings or VMSS settings.
118
118
119
119
1. Navigate to the **Tags** service in the Azure portal.
120
120
1. In the **Filter by** field, type `disableSnatOnPL`.
121
-
1. Select the tag from the list. Here you will see all resources with the tag.
121
+
1. Select the tag from the list. Here you see all resources with the tag.
122
122
1. Select the resource to view the tag details.
123
123
124
124
To learn more, see [View resources by tag](../azure-resource-manager/management/tag-resources-portal.md#view-resources-by-tag).
0 commit comments