Azure DNS – How to Forward Domain Requests to a Server with No Public IP Address

azure domain-name-system

I have a domain registered through an external provider, say x.y.com, and want requests to this domain to be passed to an Azure VM with no public IP.

I've created an Azure DNS resource named x.y.com in the same resource group as my VM and arranged for the admin of my domain to point the domain's name servers to the given Azure name servers.

Then I pointed the A record to the internal/private IP of my server – 10.0.0.4 – but when I ping the domain from an external computer I get 10.0.0.4, which obviously is not visible from outside the Azure private network.

How do I get this to work?

Best Answer

Even if you get the name resolution to work that way, there is no public endpoint for your traffic to enter your vNET and reach your server. If you can’t have a public IP on your server, I would deploy an Azure Firewall that will NAT the traffic and point the DNS to the firewall public IP.

https://www.petri.com/understanding-and-creating-nat-rules-in-azure-firewall
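A check for the misconfiguration described in the question, as an added example that is not part of the original post: it scans zone-file style text for A/AAAA records in a public zone that point at internal-only addresses. The function names, the zone text layout and the `fw` record are assumptions, and `203.0.113.10` is a documentation address standing in for a firewall public IP.

```python
import ipaddress

# Address ranges that are not reachable from the internet. A public-zone
# A/AAAA record pointing into them cannot work and exposes internal addressing.
INTERNAL_NETS = {
    "10.0.0.0/8": "RFC 1918 private",
    "172.16.0.0/12": "RFC 1918 private",
    "192.168.0.0/16": "RFC 1918 private",
    "100.64.0.0/10": "RFC 6598 shared (CGNAT)",
    "127.0.0.0/8": "loopback",
    "fc00::/7": "IPv6 unique local",
    "fe80::/10": "IPv6 link-local",
}

def classify(address):
    """Return a label if the address is internal-only, else None."""
    ip = ipaddress.ip_address(address)
    for cidr, label in INTERNAL_NETS.items():
        net = ipaddress.ip_network(cidr)
        if ip.version == net.version and ip in net:
            return label
    return None

def audit_zone(zone_text, origin):
    """Scan zone-file style text; return (fqdn, type, address, label) findings."""
    findings = []
    for raw in zone_text.splitlines():
        fields = raw.split(";", 1)[0].split()  # strip trailing comments
        if len(fields) < 3 or fields[0].startswith("$"):
            continue  # blank line, directive, or too short to be a record
        for rtype in ("A", "AAAA"):
            if rtype in fields[1:-1]:
                name, address = fields[0], fields[fields.index(rtype, 1) + 1]
                fqdn = origin if name == "@" else f"{name}.{origin}"
                label = classify(address)
                if label:
                    findings.append((fqdn, rtype, address, label))
    return findings

# Constructed sample: the question's record (x.y.com -> 10.0.0.4) next to a
# hypothetical record that points at a placeholder public IP instead.
SAMPLE_ZONE = """\
$TTL 3600
@      3600 IN A    10.0.0.4        ; VM private IP, as in the question
fw     3600 IN A    203.0.113.10    ; placeholder public IP (TEST-NET-3)
@      3600 IN NS   ns1.example.net.
"""

print(audit_zone(SAMPLE_ZONE, "x.y.com"))
```
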