Select Language:
If you’re running an Azure virtual machine (VM) and want it to access only three specific websites—especially when those sites block connections from cloud provider IPs outside your country—you can set things up so your VM appears to access these sites from your local, trusted IP address. This way, the sites will recognize your VM’s traffic as coming from your country, and you’ll be able to access them without issues.
Here’s how you can do this:
First, you need to route all traffic from your VM to go through your on-premises network, which has a public IP address trusted by the websites. This process is called selective routing. Instead of sending all internet traffic through Azure’s default paths, you’ll direct only the traffic destined for those three websites through your on-premises gateway.
Begin by identifying the public IP addresses of these websites. You can use a simple tool called nslookup on your computer to find each website’s IP address. Once you have these, you’ll create specific routes in your Azure environment.
Next, update your VM subnet’s route table. For each website’s IP address, add a route that directs traffic to the Virtual Network Gateway, which connects your Azure network to your on-premises network. For example, for each website IP (like 123.45.67.89), add a route: 123.45.67.89/32 → Next hop: Virtual Network Gateway. This makes sure only traffic to those websites goes through your own network.
On your on-premises firewall (like Fortigate), make sure to allow outbound traffic to these specific IPs. This step ensures that when your Azure VM tries to access these sites, the traffic exits from your trusted local IP address and isn’t blocked.
It’s very important not to create a default route that sends all internet-bound traffic through your on-premises network. Keep the default routing as it is so that the rest of your internet traffic continues to flow directly from Azure, maintaining performance and avoiding unnecessary load on your network.
Following these steps, your VM can securely access the three websites, appearing to come from your trusted country IP, while everything else continues to access the internet normally through Azure’s usual paths. This targeted approach helps you meet your security needs without sacrificing performance or flexibility.
If you find this helpful, please consider accepting and up-voting the solution. Sharing your feedback helps others in the community find useful information.
ChatGPT
Perplexity
Gemini AI
Grok AI
