We have an on-prem RRAS server that connects to an Azure Virtual Network, which allows us to have an on-prem/Azure hybrid. My query is, if I was to provision a public IP address in Azure, what would be the best way to route it to one of our on-prem VMs through the site-to-site connection? I have had a look around and haven't seen any similar scenarios.
This would help me in a few ways:
- We have run out of public IPs locally and they are rather expensive from our provider
- It would make it easier for developers to expose stuff to the outside world for our lab environment
For now, we can't use Azure VPN in this way, because Azure only routes Azure pre-defined IP addresses. The public IP access to Azure will not route to your on-prem VMs.
Have you looked at using Azure Application Gateway?
https://azure.microsoft.com/en-gb/services/application-gateway/
It will allow the gateway to be in Azure with a public IP and publish your on-premise web services.
Or how about a VM / virtual appliance with IP Forwarding enabled running NAT that can then forward traffic to your on premise network using your existing site-to-site link?
http://www.cisco.com/c/en/us/td/docs/security/asa/asa95/asav/quick-start/asav-quick/asav-azure.html