Need to aggregate a RG to a single Internet IP – Any ideas?

Hi folks, I’m deploying an Azure-hosted Citrix desktop for an organisation. My background is Citrix/Win, Azure more recent, networking avoided where possible!

A subset of our users have specific security needs, and they will all use a specific server desktop OS build managed separately at the Citrix and AD level. I have flexibility if I need to create a dedicated resource group or subnet.

My problem is one of the business requirements: accessing a sensitive website which operates a whitelist to permit access, based on the source IP.

We could manually build servers and give them static public IPs which are whitelisted, but our design tenet is around automation and Citrix Cloud machine creation services plugging into Azure. MCS can only provision 1 NIC, and has no scope to slipstream any additional creation scripting.

The current plan is to deploy these machines, then recreate them into an availability set, as a load balancer seems to consistently present a public IP for the machines in the AS. I have doubts on NATing, but we’ll test and see.

Is there a more elegant way to define an internet egress point for a subnet or resource group while maintaining the automated deployment of template VMs into the RG?

TL;DR – How can I make a number of Azure VMs all present the same Internet IP?

