I'm trying to set up an Azure VPN that only allows access to my Azure hosted website or resource. I found it unusual that the process wasn't as straightforward as just adding my IP to the allowed list on the public-facing site, which has some restrictions. It seems like I might need to pay for a DNS resolver to achieve what I want, which is to connect to the VPN for access to the private website. This feels like a basic routing issue, but it looks like Azure may require me to pay a hefty fee of $360 a month for a solution. I'm also considering that this might be linked to DNS requirements, and I might have to write a script to edit the host files on all machines in my tenant.
2 Answers
It sounds like you want to restrict access specifically to that web app indeed. Since your VPN is made for this app, that’s a smart move. If you later want to broaden access, you could just use this setup to allow things like blob storage access too. But for now, just focus on getting the VPN users connected to the webapp.
You don’t actually need an Azure DNS resolver for your setup. You could set up a B1s VM, either Linux or Windows, to act as a DNS forwarder. When you mention wanting VPN access just for your Azure website, are you looking to let VPN users reach it, or do you want to strictly limit their access to just that resource?

Related Questions
How to Build a Custom GPT Journalist That Posts Directly to WordPress
Cloudflare Origin SSL Certificate Setup Guide
How To Effectively Monetize A Site With Ads