Doing an Azure deployment for a customer for HA purposes for their O365 identity services. They have 2 on-premise ADFS servers and utilize a virtual BIG-IP to act as the WAP.
In Azure we are building a DC, ADFS, WAP and Traffic Manager. I have set up and configured the virtual network, subnets, and site-to-site VPN without any issues. I have placed the gateway in 1 subnet, the WAP in 1 subnet and the ADFS/DC in another subnet.
Does anybody have example network security groups configured for this scenario? I will be configuring 2 NSGs (1 for DMZ/Public subnet and 1 for Core/Internal subnet).
Any assistance is greatly appreciated!