yes, you should allow azure FW rules that should allow internet access.
https://learn.microsoft.com/en-us/azure/virtual-network/service-tags-overview
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Hello Experts,
So I have a small lab environment with a hub (Azure FW) and two Spokes (with VMs). I'm redirecting all traffic 0.0.0.0/0 via the firewall using UDRs.
However, I have noticed that the VMs NIC (in the spokes vnet) in this set up indicates "No internet access", however, if I create an application rule to allow microsoft.com for instance I can still browse the site. My question, what is preventing the VM NIC from showing internet access, is there a rule in Azure FW that I haven't created
yes, you should allow azure FW rules that should allow internet access.
https://learn.microsoft.com/en-us/azure/virtual-network/service-tags-overview
If I remember right the Windows Network Connectivity Status Indicator (NCSI) is running multiple tests to check if the client is connected to the internet.
So you should add https://www.msftconnecttest.com to your white-list in the Firewall.
(If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)
Regards
Andreas Baumgarten