Can I assign a private IP to NAT gateway

1. Create a Virtual Network (VNet):
   • Create a VNet if you don't have one already.
   • Ensure your Logic Apps are integrated with this VNet.
2. Set up a Private Endpoint for Logic Apps:
   • Azure Logic Apps can be configured to connect to your VNet using a Private Endpoint.
   • Create a Private Endpoint for your Logic App. This will ensure that all traffic from the Logic App to the API goes through your VNet, keeping it internal.
3. Create a NAT Gateway:
   • A NAT Gateway allows your VNet to access resources over the internet or external services, but using a private IP.
   • Create a NAT Gateway and associate it with the subnet in the VNet that your Logic Apps will use.
4. Assign Static Private IP to NAT Gateway:
   • When setting up the NAT Gateway, assign a static private IP from the subnet to ensure the outbound traffic from the Logic App always uses this private IP.
   • You need to ensure that the subnet where your Logic App runs is using this NAT Gateway for outbound traffic.
5. Route traffic through NAT Gateway:
   • In the Route Table associated with the subnet where the Logic App is deployed, ensure that the route is directed to the NAT Gateway.
   • This ensures that any outbound traffic from your Logic App to the internal server stays within the private network.
6. Ensure Internal Server Accessibility:
   • Verify that the internal server where your Logic App will send API requests is accessible from the VNet.
   • The internal server should have the appropriate network security group (NSG) rules and private IP address configured to accept traffic from the Logic Apps.
7. Testing:
   • Once configured, test the API calls from your Logic App to ensure the traffic is routed over the private network and uses the static private IP of the NAT Gateway.

Can you provide me any documentation on how to complete step 4? How do I Assign Static Private IP to NAT Gateway?

It keeps on asking for a public IP and I see no way to assign just a private IP here. Do you mean assign a public/private IP pair?

Hi Anchal Singh, A private IP cannot be assigned to the NAT Gateway; only a public IP can be assigned. The NAT Gateway uses this public IP to access the internet Refer this link : https://learn.microsoft.com/en-us/azure/nat-gateway/faq#is-the-nat-gateway-public-ip-address-static Please "Accept the answer” and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.

Hi,

I am speaking in reference to the above answer by Zafar (MVP).

So for step 4 the NAT Gateway will have a static Public IP assigned to it not private one. (Private IP will be allotted and NAT will change that to a public IP).

If that is the case then in Step 6 my internal server needs to be accessible by the Public IP (of NAT gateway) to 'accept traffic from the Logic Apps'?? and not accessible by the VNet and private IP address?

In Step 7 API calls to my internal server from Logic app with be over a public network using NAT's public IP?? and not its private IP over a private network?

Please refer to my question and the first answer provide by MVP and tell me if it is feasible or not? Because from your recent response it seems like the first answer give by Zafar (MVP) is not practical as it contradicts Step 4, 6 & 7. Kindly provide some clarity.

Hi Team,

Can I please get a response on the above query.