![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(294.40000000000003, 4%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESS%3C/text%3E%3C/svg%3E)
Azure Front Door
An Azure service that provides a cloud content delivery network with threat protection.
858 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(278.4, 86%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERK%3C/text%3E%3C/svg%3E)
Hello @Samuel Souza ,
Welcome to Microsoft Q&A Platform. Thank you for reaching out & hope you are doing well.
I understand that you would like redirect connections from .com to .us domains for all United States IPs.
This is not possible via Azure Application gateway as the Geomatch custom rules available in Azure Application Gateway Web Application Firewall (WAF) v2 only allows 3 actions : Allow/Block/Log.
Refer : https://learn.microsoft.com/en-us/azure/web-application-firewall/ag/custom-waf-rules-overview#action-required
https://learn.microsoft.com/en-us/azure/web-application-firewall/ag/geomatch-custom-rules
The App gateway WAF V2 custom rules can either block, allow, or log requested traffic based on matching criteria and not redirect the domain based on the geo-match.
However, this is possible via Azure Front Door rules engine.
Refer the below docs for respective Azure Front Door SKU rules engine:
Azure Front Classic : https://learn.microsoft.com/en-us/azure/frontdoor/front-door-rules-engine?pivots=front-door-classic
Azure Front Door Standard/Premium : https://learn.microsoft.com/en-us/azure/frontdoor/front-door-rules-engine?pivots=front-door-standard-premium
You can use the match condition "Remote Address" to identify requests based on the requester's location or IP address.
https://learn.microsoft.com/en-us/azure/frontdoor/rules-match-conditions?pivots=front-door-standard-premium&tabs=portal#remote-address
The operator will be "Geo Match" with value "United States".
https://learn.microsoft.com/en-us/azure/frontdoor/rules-match-conditions?pivots=front-door-standard-premium&tabs=portal#properties-5
And then use the rule action as "URL redirect".
For Azure Front Door Classic : https://learn.microsoft.com/en-us/azure/frontdoor/front-door-rules-engine-actions?pivots=front-door-classic&tabs=portal#route-configuration-overrides
For Azure Front Door Standard/Premium : https://learn.microsoft.com/en-us/azure/frontdoor/front-door-rules-engine-actions?pivots=front-door-standard-premium&tabs=portal#UrlRedirect
So the Azure Front Door rule will look as below:
For Azure Front Classic :
For Azure Front Door Standard/Premium :
After creating the rule set, you can associate the Rule Set to a route so it can take effect.
Refer the below docs for step-by-step instructions:
For Azure Front Door Classic : https://learn.microsoft.com/en-us/azure/frontdoor/front-door-tutorial-rules-engine
For Azure Front Door Standard/Premium : https://learn.microsoft.com/en-us/azure/frontdoor/standard-premium/how-to-configure-rule-set
Kindly let us know if the above helps or you need further assistance on this issue.
----------------------------------------------------------------------------------------------------------------
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.