How to setup an application gateway with private webapp ?

Younes 36 Reputation points
2023-01-17T16:10:43.13+00:00

Hello,

I created a private web application only accessible through a private endpoint, my virtual network is connected to my on premise network and I can access my web application just fine. When I tried to integrate the application gateway i get the error Status unknown

The backend health status could not be retrieved. This happens when an NSG/UDR/Firewall on the application gateway subnet is blocking traffic on ports 65503-65534 in case of v1 SKU, and ports 65200-65535 in case of the v2 SKU or if the FQDN configured in the backend pool could not be resolved to an IP address. To learn more visit - https://aka.ms/UnknownBackendHealth.|I added a network security group with the following configuration to the gateway subnet:

User's image

in which I allow connection from GatewayManager to the required ports and i allow connection between the webapp subnet and gateway subnet, what I am missing ?

Thanks

Azure Application Gateway
Azure Application Gateway
An Azure service that provides a platform-managed, scalable, and highly available application delivery controller as a service.
566 questions
{count} votes

2 answers

Sort by: Most helpful
  1. Manu Philip 14,061 Reputation points MVP
    2023-01-17T20:57:20.2733333+00:00

    The following link shows a solution to the issue you are looking for. Application Gateway must be restarted after any modification to the backend server DNS entries to begin to use the new IP addresses.

    In short, the following cli can help to refresh the backend pool.

    az network application-gateway address-pool update -g <rg name> -n appGatewayBackendPool --gateway-name <gw name> --servers "${appName}.azurewebsites.net"

    Updates to the DNS entries of the backend pool


    --please don't forget to upvote and Accept as answer if the reply is helpful--

    No comments

  2. Manu Philip 14,061 Reputation points MVP
    2023-01-19T04:18:46.7566667+00:00

    I have detailed a similar use case in my blog as below. Have a look and see, if you are missing any of the step needed

    Secure Azure Web Apps in private end point with Azure Application Gateways