Azure – Azure Firewall Manager can now integrate with virtual networks
As introduced some time ago, Azure Firewall Manager (AFM) is the central configuration and management point for Azure Firewall.
1 min read
As you know, you can setup a Site-to-Site VPN between your on-premises infrastructure and Azure.
This VPN connectivity involves the creation of a Local Network Gateway (LNG).
Until now, you add to configure a public IP for your LNG.
Well, good news you can now use a Fully Qualified Domain Name (FQDN) instead of the public IP. This is quite handy if you have to connect branch offices which may use a dynamic public IP.
To start using this new capability, logon to your Azure portal (https://portal.azure.com) and create a new LNG
Then you can switch to FQDN for the endpoint definition
![image_thumb[1]](https://20001872.fs1.hubspotusercontent-na1.net/hubfs/20001872/Imported_Blog_Media/image_thumb1-274.png "image_thumb[1]")
![image_thumb[2]](https://20001872.fs1.hubspotusercontent-na1.net/hubfs/20001872/Imported_Blog_Media/image_thumb2-212.png "image_thumb[2]"){kind=small}
NOTES
- Only 1 public IP is support when using FQDN. If the FQDN resolves to multiple IP’s, Azure VPN will then use the first IP returned.
- Azure VPN is caching DNS resolution for 5 minutes, which may lead to temporary disconnection when the public IP is updated
- The gateway tries to resolve FQDN only for disconnected tunnels (or if you reset the gateway)