How to redirect all US IP connections from .com domain to .us in Azure?

Samuel Souza 1 Reputation point
2023-01-02T14:40:32.713+00:00

Hello,

Any advice about how can I redirect connections from example.com domain to example.us only for IPs located in United States?

I am reviewing Application gateway WAF and FrontDoor but I cannot see where to create such rule, is that possible in Azure?

Azure Front Door
Azure Front Door
An Azure service that provides a cloud content delivery network with threat protection.
857 questions
Azure Application Gateway
Azure Application Gateway
An Azure service that provides a platform-managed, scalable, and highly available application delivery controller as a service.
1,216 questions
{count} votes

2 answers

Sort by: Most helpful
  1. GitaraniSharma-MSFT 50,021 Reputation points Microsoft Employee Moderator
    2023-01-02T15:58:06.85+00:00

    Hello @Samuel Souza ,

    Welcome to Microsoft Q&A Platform. Thank you for reaching out & hope you are doing well.

    I understand that you would like redirect connections from .com to .us domains for all United States IPs.

    This is not possible via Azure Application gateway as the Geomatch custom rules available in Azure Application Gateway Web Application Firewall (WAF) v2 only allows 3 actions : Allow/Block/Log.
    Refer : https://learn.microsoft.com/en-us/azure/web-application-firewall/ag/custom-waf-rules-overview#action-required
    https://learn.microsoft.com/en-us/azure/web-application-firewall/ag/geomatch-custom-rules

    The App gateway WAF V2 custom rules can either block, allow, or log requested traffic based on matching criteria and not redirect the domain based on the geo-match.

    However, this is possible via Azure Front Door rules engine.
    Refer the below docs for respective Azure Front Door SKU rules engine:
    Azure Front Classic : https://learn.microsoft.com/en-us/azure/frontdoor/front-door-rules-engine?pivots=front-door-classic
    Azure Front Door Standard/Premium : https://learn.microsoft.com/en-us/azure/frontdoor/front-door-rules-engine?pivots=front-door-standard-premium

    You can use the match condition "Remote Address" to identify requests based on the requester's location or IP address.
    https://learn.microsoft.com/en-us/azure/frontdoor/rules-match-conditions?pivots=front-door-standard-premium&tabs=portal#remote-address

    The operator will be "Geo Match" with value "United States".
    https://learn.microsoft.com/en-us/azure/frontdoor/rules-match-conditions?pivots=front-door-standard-premium&tabs=portal#properties-5

    And then use the rule action as "URL redirect".
    For Azure Front Door Classic : https://learn.microsoft.com/en-us/azure/frontdoor/front-door-rules-engine-actions?pivots=front-door-classic&tabs=portal#route-configuration-overrides
    For Azure Front Door Standard/Premium : https://learn.microsoft.com/en-us/azure/frontdoor/front-door-rules-engine-actions?pivots=front-door-standard-premium&tabs=portal#UrlRedirect

    So the Azure Front Door rule will look as below:
    For Azure Front Classic :

    273709-image.png

    For Azure Front Door Standard/Premium :

    273745-image.png

    After creating the rule set, you can associate the Rule Set to a route so it can take effect.
    Refer the below docs for step-by-step instructions:
    For Azure Front Door Classic : https://learn.microsoft.com/en-us/azure/frontdoor/front-door-tutorial-rules-engine
    For Azure Front Door Standard/Premium : https://learn.microsoft.com/en-us/azure/frontdoor/standard-premium/how-to-configure-rule-set

    Kindly let us know if the above helps or you need further assistance on this issue.

    ----------------------------------------------------------------------------------------------------------------

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    1 person found this answer helpful.
    0 comments No comments

  2. 2023-06-21T08:50:32.9933333+00:00

    عد إنشاء مجموعة القواعد ، يمكنك إقران مجموعة القواعد بمسار حتى تصبح سارية المفعول.
    ارجع إلى المستندات أدناه للحصول على إرشادات خطوة بخطوة:
    للحصول على Azure Front Door Classic: https://learn.microsoft.com/en-us/azure/frontdoor/front-door-tutorial-rules-engine
    للحصول على Azure Front Door Standard / بريميوم: https://learn.microsoft.com/en-us/azure/frontdoor/standard-premium/how-to-configure-rule-set

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.