Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Summary
This article helps you troubleshoot scenarios where virtual machines (VMs) behind a Standard internal load balancer (ILB) can't reach the internet. Unlike Basic ILBs, Standard ILBs don't provide default outbound access, so VMs in the backend pool need explicit outbound connectivity configuration, such as a NAT Gateway, to reach external endpoints.
Cause
Standard ILBs have default security features. Basic ILBs allow connecting to the internet through a hidden public IP address called the default outbound access IP. Don't use the default outbound access IP for production workloads, because the IP address isn't static or locked down through network security groups that you own.
Solution
If you recently moved from a Basic ILB to a Standard ILB and need outbound connectivity to the internet from your VMs, configure Azure NAT Gateway on your subnet. Use NAT Gateway for all outbound access in production scenarios.