class="wp-singular news-template-default single single-news postid-8130 wp-custom-logo wp-theme-microwarehouse tribe-no-js">
Important Azure Changes coming 30th September 2025 – What You Need to Know
Microsoft has announced significant changes to Azure’s networking infrastructure that will take effect on 30th September 2025. In our recent webinar (see below), we covered these critical updates, and we want to ensure you’re fully prepared for what’s coming.
The End of Basic IP Addresses
The most significant change is Microsoft’s retirement of basic IP addresses on 30th September 2025. This isn’t just a feature deprecation – it could potentially cause service outages if you don’t take action.
What’s Happening?
Starting 30th September 2025, Microsoft will begin turning off basic IP addresses. If your services currently rely on these addresses, you’ll need to migrate to standard IP addresses to avoid disruptions.
Why the Change?
Basic IP addresses have several limitations that Microsoft is addressing:
• Incompatibility with modern services: Basic IPs don’t work with standard Azure Load Balancers, Azure Net Gateway, or Azure Firewall
• Limited availability: They are not zone-available, meaning they can’t be distributed across multiple Availability Zones for better resilience
• Reduced functionality: They lack many features that standard IP addresses provide
Migration Requirements
The good news is that Microsoft has provided comprehensive migration guides for different services. While VPN SKU migrations may incur a small (€20-€30 per month), you’ll gain increased resilience and zonal availability – making it a worthwhile investment in your infrastructure’s reliability.
Default Outbound Access Changes
Alongside the IP address changes, Azure is implementing a significant shift in how VMs access the internet.
The New Reality
From 30th September 2025, Azure VMs will no longer have automatic internet access. Instead, you’ll need to explicitly configure internet connectivity for your VMs.
Why This Change Makes Sense
This shift aligns with Zero Trust networking principles and offers several benefits:
• Enhanced Security: No more implicit internet access means better control over your network security posture
• Cost Control: Eliminates unexpected bandwidth charges from services you didn’t realize were accessing the internet
• Reduced Confusion: No more wondering about those dynamic IP addresses that weren’t actually permanent
Your Options for Internet Access
We outlined 4 main approaches for granting internet access to your VMs, each with different cost and complexity considerations:
1. Direct IP Assignment
The simplest approach – assign IP addresses directly to each VM’s network card. At approx. €3.12 per month per IP address, it is straightforward, but can become expensive and complex to manage in larger environments.
2. Azure NAT Gateway (Microsoft’s Recommendation)
At approx. €28.00 per month plus standard IP and traffic costs, the NAT Gateway provides a single IP address for all VMs in a subnet. It’s easy to configure and manage, although it does not support inbound access.
3. Azure Load Balancer
More cost-effective at approx. €15.50 per month plus additional charges, Azure Load Balancers support both inbound and outbound access. However, they are more complex to configure and manage.
4. Virtual Network Appliances (NVAs)
These virtual firewalls and routers offer the most comprehensive solution, providing additional security features and VPN functionality. Costs vary by vendor and VM size, but they deliver Enterprise-grade security similar to traditional on-premises firewalls.
Taking Action
The 30th September 2025 deadline is approaching quickly.
Here’s what you should do:
1. Audit Your Current Setup: Identify any services using basic IP addresses
2. Review Migration Options: Choose the internet access method that best fits your needs and budget
3. Plan Your Migration: Use Microsoft’s guides to plan your transition
4. Test Thoroughly: Ensure your new configuration works as expected before the deadline
Need Help?
These changes might seem daunting, but you don’t have to navigate them alone. We are here to help you assess your current Azure environment, plan your migration strategy, and help implement the changes smoothly.
Our upcoming MicroWarehouse Roadshow 2025 will also provide hands-on guidance and support. Visiting Belfast, Cork, Galway and Dublin, our MWH Roadshow 2025 offers excellent opportunities to get personalised advice for your specific situation.
The Bottom Line
While these changes require action on your part, they ultimately represent Microsoft’s commitment to providing more secure, reliable, and cost-effective cloud services. By taking proactive steps now, you’ll not only avoid service disruptions but also position your infrastructure for better security and performance.
Don’t wait until the last minute – start planning your migration today. The 30th September 2025 deadline will be here before you know it, and proper preparation will ensure a smooth transition to Azure’s enhanced networking capabilities.
________________________________________
Have questions about these changes or need assistance with your migration? Contact our Azure Team for personalised guidance and support tailored to your specific Azure environment.
See our recent MWH blog on ‘Major Changes Coming to Azure Networking: End of Default Outbound Access’
Default outbound access in Azure – Azure Virtual Network | Microsoft Learn