Hi,
We have a .Net/SQL app on Azure (App is an 'App Service', connecting to a 'SQL database').
We need to have a fixed outgoing IP so that customers can allow our app to connect through their firewall to resources internal to their networks.
I've read that an AppService will use one of four possible outgoing IP addresses and we've had a test customer configure all four and that works well. However, this will not generally work. Customers will want just one IP address and also will want it to be private to us (i.e. not have the potential exposure of requests from any other Azure service).
How can we do this? If there is a solution for our App Service, that'll be great (and I'd kind of expect this option to be available). If not, how else can we configure this?
I can see the option to create a Reserved 'Public IP Address' resource, which sounds perfect. Is there anyway to 'wire' this to our App Service?
Can we use a 'Virtual Network' resource somehow to achieve this?
Do we need to move the app to a Cloud Service, VM, App Service Environment, etc, etc?
Cost is an issue - the App Service is on the 'Standard: 1 Medium' pricing plan and this meets our resource needs just fine. I'm happy to pay a little more to provision additional resources (e.g. paying for a fixed IP address), but don't want to scale up costs too significantly (I've heard that an ASE solution can be very expensive).
I also know that we can use an external fixed IP proxy service, but that would be a last resort as we want it all on one nice manageable platform. I've also read that AWS provide this (and in my struggle to get MSDN to provide us with our technical support contract - its taken 4 hours so far and now I'm giving up! - I was told by MSDN UK that going to AWS might be the simplest option for us - surely not!).
So, how do we do this? I'm assuming that we can achieve this with a VM, but I don't fancy the extra overhead in maintaining a server instance - one of the many reasons for moving to PaaS.
Any suggestions?