Share via

How to replace Route Tables by using Azure Route Server?

Bram vd Klinkenberg 71 Reputation points
2024-10-03T07:47:02.21+00:00

How do I setup Azure Route Server to replace Route Tables that route traffic to an Azure Firewall instance?

We have a hybrid setup and our on-premise location is connected to our Azure environment via Express Route. We have an Azure Network Gateway (type is ExpressRoute) to exchange routes.
The Network Gateway is connected to our Hub Vnet and we have an Azure Firewall connected to the Hub.
For each landingzone we deploy, we also deploy a spoke vnet plus peering to the hub, but also a nsg and route table. The route table is configured to send traffic to our firewall. I am looking into Azure Route Server to see if we can get rid of the Route Tables that only routes traffic to firewall.

Would it be enough to deploy the Route Server and connect it to the hub vnet and enable branch-to-branch? Or can/do I configure specifically to have all traffic go through the firewall first?

Azure Firewall
Azure Firewall
An Azure network security service that is used to protect Azure Virtual Network resources.
671 questions
Azure Virtual Network
Azure Virtual Network
An Azure networking service that is used to provision private networks and optionally to connect to on-premises datacenters.
2,477 questions
Azure Route Server
Azure Route Server
An Azure service that enables network appliances to exchange route information with Azure virtual networks dynamically.
10 questions
Accepted answer
  1. KapilAnanth-MSFT 46,096 Reputation points Microsoft Employee
    2024-10-03T10:22:42.77+00:00

    @Bram vd Klinkenberg ,

    Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.

    I understand that you would like to replace Route Tables pointing to Azure Firewall with a Azure Route Server.

    I am afraid this won't be possible.

    If you want to route the traffic to Azure Firewall without manually adding routes, you should consider using a vWAN with secured virtual hub with Private Traffic Routing Intent enabled.

    See : Virtual WAN Hub routing intent and routing policies

    User's image

    Azure Route Server seamlessly integrates with NVAs that can establish BGP Peering with it.

    Kindly let us know if this helps or you need further assistance on this issue.

    Thanks,

    Kapil

    Please don’t forget to close the thread by clicking "Accept the answer" wherever the information provided helps you, as this can be beneficial to other community members.

    1 person found this answer helpful.

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.