Move Public IP from one Application Gateway to another?

Marilee Turscak-MSFT 33,951 Reputation points Microsoft Employee
2024-04-18T20:59:28.74+00:00

 

We currently have an Application Gateway V1. I created a new Application Gateway tier WAF V2.

 

Is it somehow possible to use the public IP of the current Application Gateway and move it to the new Application Gateway?

 

In the new one, I went to "Frontend IP configurations" and selected the Public one. There I tried clicking "Delete", but it shows me:

 

*"*To function, your application gateway needs at least one Frontend IP configuration connected to a listener. Please configure a new or existing listener to use a different Frontend IP configuration." ** I currently have 4 listeners, which all use the public frontend IP. When I edit the 4 listeners and assign them the private frontend IP, it shows me:

 

*"Application Gateway does not support Application Gateway without Public IP for the selected SKU tier Standard_v2. Supported SKU tiers are Standard,WAF. Error code: "ApplicationGatewayFeatureCannotBeEnabledForSelectedSku"" * Is there a way I can manage to do this?

(*Note: This question was selected from a list of popular questions on Q&A.)

Azure Application Gateway
Azure Application Gateway
An Azure service that provides a platform-managed, scalable, and highly available application delivery controller as a service.
960 questions
0 comments
Accepted answer
  1. ChaitanyaNaykodi-MSFT 23,026 Reputation points Microsoft Employee
    2024-04-18T21:00:07.94+00:00

    @Marilee Turscak-MSFT

    Thank you for reaching out.

    I understand you are trying to migrate Application Gateway V1 to V2.

    Is it somehow possible to use the public IP of the current Application Gateway and move it to the new Application Gateway?

    As documented here It isn't possible to move the IP addresses associated with the existing V1 gateway seamlessly to V2.

    This is because the V1 SKU used a Dynamic Public IP Basic SKU and V2 requires a Static Public IP Standard SKU.

    I think the better option will be to assign a new static Public IP address Standard SKU to the Application Gateway V2 and perform the migration as described here depending on your requirements.

    • A custom DNS zone (for example, contoso.com) that points to the frontend IP address (using an A record) associated with your Standard V1 or WAF V1 gateway. You can update your DNS record to point to the frontend IP or DNS label associated with your Standard_V2 application gateway. Depending on the TTL configured on your DNS record, it may take a while for all your client traffic to migrate to your new V2 gateway.
    • You can do a controlled, granular migration using a Traffic Manager profile to incrementally route traffic (weighted traffic routing method) to the new V2 gateway. You can do this by adding the DNS labels of both the V1 and V2 application gateways to the Traffic Manager profile, and CNAMEing your custom DNS record (for example, www.contoso.com) to the Traffic Manager domain (for example, contoso.trafficmanager.net).
    • Update your clients to use the IP address(es) associated with the newly created V2 application gateway. We recommend that you don't use IP addresses directly. Consider using the DNS name label (for example, yourgateway.eastus.cloudapp.azure.com) associated with your application gateway that you can CNAME to your own custom DNS zone (for example, contoso.com).

    Hope this helps! Please let me know if you have any questions. Thank you!

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    0 comments

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest