Disable TCP and ICMP Timestamps on Azure Application Gateway
Hello, I have an Application Gateway with WAFv2 that sits in front of my App Services. An audit revealed that TCP and ICMP timestamps are being disclosed. Can someone please assist me with disabling this feature? Thank you.
Getting listener error "This listener cannot use the same frontend port as an existing listener" even though there is only one listener present on Azure Portal
Error "This listener cannot use the same frontend port as an existing listener" is displayed under port no. even though there is only one listener currently present in application gateway. I think it is a bug because we can have two listener…
What is SKU family?
Hi, upon reviewing our Application Gateways I saw the following in the ARM template exported from the portal: "sku": { "name": "WAF_v2", "tier": "WAF_v2", "family":…
Application gateway backend targets
Hi, Hopefully someone can assist me with this question which I cannot find a solution for currently. I am configuring something like the following:…
Getting error "Our services aren't available right now" While configure Azure front door on top of Application gate way
My Application is deployed on useast2 and central us on the aks cluster. They are using the service as a load balancer. On top of the load balancer, we are using an application gateway where all routing rules are configured.On top of that we are using a…
Using Key Vault for a backend root cert in Application Gateway
I am setting up an Application Gateway that uses TLS on the backend to talk to members of a VM Scale Set. I have this all in a bicep template and it works - I pass the root certificate into the template as a parameter. However, I would rather keep the…
"400 The SSL certificate error" from Azure Application Gateway with mTLS
I try to setup mTLS with an Azure Application Gateway. Unfortunately I always get an error <html> <head><title>400 The SSL certificate error</title></head> <body> <center><h1>400 Bad…
Azure application gateway
Hello everyone I have an Azure Application Gateway pricing plan standard v2. I have an Azure Function that I want to protect using the Application Gateway. Now, when I create the backend pools in the Application Gateway, I add the Azure Function to…
Managing 200 Websites with Application Gateway and WAF Protection
Hello, I have a single server that is currently hosting over 200 websites. Is it possible to manage all these websites using an application gateway and protect them with a WAF?
How to create script terraform to deploy application gateway
How to create script terraform to deploy application gateway
application gateway ingress return 502 error
I am unable to hit my backend endpoint via application gateway load balancer. It returns error 502 Bad Gateway.
Allow access through WAF only for whitelisted IPs
I have an Azure Application Gateway where I manage a few client domains. I have a few production and staging domains routed to this application gateway, which I manage where I need them to be pointed to. When I was working with the domains pointed…
How do I configure the Azure Application Gateway / backend pool to drop requests that are blocked by the WAF as the log file indicate the request was blocked but the script ends up in the database.
requests blocked by the WAF are being forwarded to the backend API servers. How do you configure the backend pool or WAF to drop requests that are blocked by the WAF.
What Authentication solution would you suggest in this scenario?
Context: We are migrating from Azure App Gateway V1 to Azure App Gateway V2 for load balancing. For authentication purposes, we used NTLM which AG V2 does not support. Now I am trying to find an alternative. Ideally, I want the authentications to…
Why ALB (App Gateway V2) with affinity session enabled won't work with NTLM
Hello, community I hope this message finds you well. Currently, our application is balanced with AGV1(NLB) and uses Windows Authentication with NTLM. I am aware that NTLM requires a persistent connection and that is one of the limitations of ALB.…
Switch Application Gateway tier from WAF v2 to Standard V2
For Application Gateway V2, there is tab to switch tier, but the tip says "Changing from the WAF_v2 tier to the Standard_v2 tier is not supported". But when actually switching it from waf v2 to standard v2 and it's saved successfully. …
Understanding time/latency fields from Application Gateway Access Logs
Hi, I am analyzing Access logs from Azure application gateway (table: AGWAccessLogs). I would like to clarify the meaning of below fields: · ClientResponseTime: · ServerResponseLatency · TimeTaken AGWResponseTimes.png Azure metrics for…
http2 compatibility
We have 2 environments were WAF is configured. In the DEV environment, its working on http2 In the UAT environment, its not working on http2. When the WAF configuration is change, it works on http1.1. I have provided some detains below (you will see…
Application Gateway WAF v2 and JSON property called base64
Hi, I need to configure some exclusions for base64 encoded data passed in a JSON body through Azure Application Gateway. Currently, the WAF is blocking my requests, and it outputs the following log entry: ruleId_s: 941130 details_message_s: Pattern…
Azure Web Application Firewall Certificate Error
Hi, I have apache2 running on one of my virtual machines. It has multiple SSL certificates, multiple domains, if i connect directly there are no issues. If i use the WAF i see a 502 error with the WAF displaying the following message in the backend…