Merge pull request #314677 from yash177-maker1/docs-editor/native-internet-connectivity-d-1776139328

prmerger-automator[bot] · web-flow · commit b08b6dcbc7c4 · 2026-04-14T04:30:33.000Z
Update native-internet-connectivity-design-considerations.md
diff --git a/articles/azure-vmware/native-internet-connectivity-design-considerations.md b/articles/azure-vmware/native-internet-connectivity-design-considerations.md
@@ -29,15 +29,18 @@ Internet connectivity using Azure Firewall is similar to the way Azure virtual n
 ## Steps:
 
 1. Have or create Azure Firewall or a third-party Network Virtual Appliance in the virtual network local to the private cloud or in the peered virtual network.
-1. Define an Azure route table with a 0.0.0.0/0 route pointing to the next-hop type Virtual Appliance with the next-hop IP address of the Azure Firewall private IP or IP of the Network Virtual Appliance.
-1. Associate the route table to the Azure VMware Solution specific virtual network subnets named “avs-nsx-gw” and “avs-nsx-gw-1”, which are part of the virtual network associated with private cloud.
+2. 
+3. Adjust the existing the route table to the Azure VMware Solution specific virtual network subnet named "avs-mgmt", required for management appliances, including vCenter, NSX and HCX Manager to communicate outbound.
 
-1. Associate the route table to the Azure VMware Solution specific virtual network subnet named "avs-mgmt", required for management appliances, including vCenter, NSX and HCX Manager to communicate outbound.
+4. Define an Azure user defined route with a 0.0.0.0/0 route pointing to the next-hop type Virtual Appliance with the next-hop IP address of the Azure Firewall private IP or IP of the Network Virtual Appliance.
+
+5. Associate the route table to the Azure VMware Solution specific virtual network subnets named “avs-nsx-gw” and “avs-nsx-gw-1”, which are part of the virtual network associated with private cloud.
+
+6. Have necessary firewall rules to allow traffic to and from the internet.
 
 >[!Note] 
 >The Azure route tables (UDR), associated with private cloud uplink subnets, and private cloud VNet need to be in the same Azure resource group.
 
-4. Have necessary firewall rules to allow traffic to and from the internet.
 
 ## Related topics
 - [Connectivity to an Azure Virtual Network](native-network-connectivity.md)
